Course Description


Wireless End to End Security 


Duration: 2 days 


Purpose

This course defines what end to end security is, applied to a
wireless network. It focuses mainly on the various classes of devices
involved in the network and the security policies that should be applied
to them.

Additionally, this course provides an overview of some technologies
used outside the enterprise world.

Audience

• Anyone involved in the definition of the security policies of the
enterprise:
• A chief security officer, an Information Systems architect or a
network manager.

Prerequisites

To get the most out of this course, it is recommended to have
previously attended the WL18 course.

However, it is possible for people with a good knowledge of network
technology and security practices to attend this course.

Objectives

Upon completion of this course, you will:

• Know the terminology employed in wireless security,
• Know the various categories of equipment used in the wireless
network and their vulnerabilities,
• Be able to identify the security criteria important for the application
of your enterprise security policy,
• Be able to establish, deploy and manage an enterprise security
policy.


Contents

• Introduction
• The security vocabulary
• The network objects related to security,
• The enterprise objects related to security, and their value for the
enterprise (information, processes, performance and availability
properties)
• The control zone definition
• The security policy definition
• The security policy deployment
• The enterprise network and information systems surveillance.
Agenda

Day 1
• Introduction, security vocabulary. The network objects related to
security,
• The enterprise objects related to security,
• The value of objects for the enterprise (information, processes,
performance and availability properties)

Day 2
• The control zone definition
• The security policy definition
• The security policy deployment
• The enterprise network and information systems surveillance
Figure 0-1. Wireless End to End Security WL191.0
Notes: 
Objectives

Figure 0-2. Objectives WL191.0
Notes:

Course Structure

Figure 0-3. Course structure WL191.0
Notes:

Course Start

Figure 0-4. Course start WL191.0
Notes:
Unit 1. Introduction, security vocabulary


What This Unit Is About 


This unit focuses on the definition of the problem.
For this purpose, it defines the different concepts to be used.

The main topic of this unit is to explain to the audience that security
should not be considered as an aggregation of techniques, but as a
functional requirement of the information system as a whole.


What You Should Be Able to Do 


After completing this unit, you should be able to: 


• Define precisely the end to end security problem in the wireless
world with the right words.

• Explain why the most important thing is to consider the whole
system, even if everything is physically moving in the wireless
world.
Welcome to:

WL19

Wireless End to End Security

Unit 1: Introduction, security vocabulary

Figure 1-1. WL19 WL191.0


Notes: 


WL19 unit 1 introduces the security vocabulary.

Many terms are currently used in discussions, such as firewall, hacker, authentication
or privacy, but is their meaning really understood?

This unit gives the basic definition of each word, and also the definition that applies in the
context of an information system.
Objectives
After completing this unit, you should be able to:


• Define precisely the end to end security problem in
the wireless world with the right words.

• Explain why the most important thing is to consider
the whole system, even if everything is physically
moving in the wireless world.





Figure 1-2. Objectives WL191.0 


Notes: 


What you should be able to do after completing this unit as part of the WL19 course: 


• Define precisely the end to end security problem in the wireless world with the right
words.

• Explain why the most important thing is to consider the whole system, even if everything
is physically moving in the wireless world.
Contents

• Firewall:
  ✓ What is it?
  ✓ How do we manage it?
• Hacker.
• Authentication.
• Privacy.
• Trust.
• Access control.
• Confidentiality.
• Accountability:
  ✓ What is it?
  ✓ Trusted transaction.
• Availability:
  ✓ What is it?
  ✓ 802.11 channels.
  ✓ Denial of service.
• Encryption.
• Integrity.
• Virus:
  ✓ What is it?
  ✓ Virus example.
  ✓ Virus avoidance.
• Worm:
  ✓ What is it?
  ✓ Worm example.
• Hoax.
• Exploit:
  ✓ What is it?
  ✓ Exploit example 1.
  ✓ Exploit example 2.
• WLAN security glossary.
• End to end security.

Figure 1-3. Contents WL191.0
Notes: 


This slide is a list corresponding to the next slides that cover the objectives of this unit. It 
can be kept as a reference to quickly retrieve a definition. 





1-4 Wireless end to end security © Copyright IBM Corp. 2003 


Course materials may not be reproduced in whole or in part 
without the prior written permission of IBM. 


Student Notebook 





Firewall 





Firewall: A fireproof wall used as a barrier to prevent the spread 
of fire. 

A process used to prevent external intruders from accessing 
private networking domains. 





[Diagram: Public domain | Firewall | Private domain]








Figure 1-4. Firewall WL191.0 


Notes: 


In the computer world, a firewall is a process used to prevent external intruders from 
accessing private networking domains. 
Firewall





The firewall needs instructions from the user to protect him.

Any attempt from an application either to exit or to enter a user
system is detected and generates an Alert.

The user must then carefully configure the acceptance rule or
block the application.

[Screenshot: Symantec Desktop Firewall alert]
Symantec Desktop Firewall has detected that Application x is
attempting to access the Internet.
Details
Application: C:\...\Applic_x.exe
Time: 23/07/2003 09:54:31
Remote service: Outbound TCP on [port not legible]
Remote address: [not legible]
Before Application x can access the Internet, you must tell Symantec
Desktop Firewall how you would like it to handle this application.
( ) Block this network communication this time.
( ) Permit this network communication this time.
If you receive multiple alerts from an application, you should configure a rule
or shut down the application.





Figure 1-5. Firewall WL191.0 


Notes: 


The firewall needs instructions from the user to protect him. 


Any attempt from an application either to exit or to enter a user system is detected and 
generates an Alert. 


The user must then carefully configure the acceptance rule or block the application. 
Hacker


Hacker: An individual who illegally gains access to an electronic system, 
using clever tricks. 





[Diagram: Public domain | Firewall | Private domain]

Hacker:
• Intrusion
• Impersonation
• Man in the Middle
• Usage of weakness
• Data capture








Figure 1-6. Hacker WL191.0 


Notes: 


Hacker: An individual who illegally gains access to an electronic system, using clever 
tricks. 


The hacker may be somebody from the external world, as well as somebody from the 
enterprise itself. 


He is an expert in system vulnerabilities and knows the tools to perform any kind of attack:
• Intrusion
• Impersonation
• Man in the Middle
• Usage of weakness
• Data capture
Authentication


Authentication: Verification of the identity of a user or of the user's
eligibility to access an object. A process used to verify the integrity of
transmitted data, especially a message.








[Diagram: user's authentication towards the server, and server's authentication
towards the user, in front of the applications. Methods shown: User id / Password,
Key exchange, Challenge-response, Biometry, etc.]









Figure 1-7. Authentication WL191.0 


Notes: 


Authentication:

Verification of the identity of a user or of the user's eligibility to access an object. A process
used to verify the integrity of transmitted data, especially a message.

Authentication is the process used to verify that an entity presented as "name x" really is
"name x".
Privacy





Privacy: The condition of being secluded from others. (Individual secrecy). 


[Diagram: Employees personal data, Company restricted data, Applications,
Specific applications, Inputs / Outputs]





Figure 1-8. Privacy WL191.0 


Notes: 


Privacy is the respectful usage of personal information. 










Trust 





Trust: Firm reliance on the integrity or ability of a person or thing.

Authenticated entities must be trusted:
• System administrator
• Every company employee
• Designated servers
• Proven applications
• Wireless devices
• Point of Sales (electronic payments)
• Cookies from selected Web sites

Firewalls must be configured to block access to untrusted entities: applications
or data download.

Limited data exchanges are possible with untrusted devices.





Figure 1-9. Trust WL191.0 


Notes: 


Trust is the state of confidence that is established with a person or with an entity. 










Access control 









Access control: The process to grant the right to 
enter or make use of an entity. 








[Diagram: Application 1, Application 2, Application 3, Application 4 grouped as Applications]










Figure 1-10. Access control WL191.0 


Notes: 


Access control:

The process to grant the right to enter or make use of an entity.
Confidentiality


Confidentiality: State of being in confidence. Data confidentiality is 
restricted access to data. 










[Diagram: Hardware developer, Company documents, Technical project 2, Technical ...]

Figure 1-11. Confidentiality WL191.0


Notes: 


Confidentiality: State of being in confidence. Data confidentiality is restricted access to 
data. 
Accountability (non repudiation)


Accountability: The state to be believable. Repudiation means rejection 
of a specific act. 





What can be repudiated?

• Sent messages: "I have never sent that..."
• Received messages: "I have never received that..."
• Used resources: "I have never been connected with this to do that..."

How to make an object accountable (non-repudiable)?
• Public Key cryptography
• Digital certificates
• Digital signature





Figure 1-12. Accountability (non repudiation) WL191.0 


Notes: 


Accountability: The state to be believable. Repudiation means rejection of a specific act. 
Accountability (non repudiation)


Trusted transaction: A transaction guaranteed for its integrity. 
Figure 1-13. Accountability (non repudiation) WL191.0


Notes: 


A "trusted transaction" is an operation that cannot be repudiated by its author. This slide
shows the example of an electronic document to which an electronic signature is attached.

This accountability relies on the use of public key encryption, legally protected by a
Certification Authority.
Availability





Availability: Capability of being used or gotten. The security concern is unavailability caused by
malicious actions or by misplaced units using the same wavelengths.


Denial of Service by jamming 
the radio domain with a 
powerful emitter or an emitter 
with a directional antenna 








Figure 1-14. Availability WL191.0 


Notes: 


Availability: Capability of being used or gotten. The security concern is unavailability caused by
malicious actions or by misplaced units using the same wavelengths.
Availability





802.11b defines 14 channels in the 2.4 GHz ISM band, using DSSS.
Not all of those channels are available worldwide.

Channel center frequencies shown on the picture (MHz):

Channel    1     2     3     4     5     6     7
MHz        2412  2417  2422  2427  2432  2437  2442

Channel    8     9     10    11    12    13    14
MHz        2447  2452  2457  2462  2467  2472  2484

Band limits shown on the picture: 2400, 2483.5 and 2495 MHz.

Non-overlapping channels can be installed in the same area and used
simultaneously. The same channel must not be used twice in the same area.
Overlapping channels suffer some interference, but can co-exist anyway.
This picture helps to determine the location of Access Points in a building
for good availability with minimum interference.








Figure 1-15. Availability WL191.0 
Notes: 

This slide shows the frequency distribution of the 2.4 GHz ISM band into channels. 
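The placement rule on the slide above (same channel never in the same area, overlapping channels only with interference), as an added example that is not part of the course material: a small Python helper that computes 802.11b channel center frequencies, tests two channels for overlap, and reports which neighbouring Access Points of a floor plan share or overlap a channel. It assumes, which the slide does not state, the 22 MHz width of an 802.11b DSSS channel; the AP names and the floor plan are constructed.

```python
from typing import Dict, Iterable, List, Tuple

# 802.11b DSSS channel bandwidth in MHz. Not stated on the slide; it is the
# assumption behind the rule that channels with centers closer than this overlap.
CHANNEL_WIDTH_MHZ = 22


def center_frequency_mhz(channel: int) -> int:
    """Center frequency of an 802.11b channel: 2412 MHz for channel 1, then
    5 MHz steps up to 2472 MHz for channel 13; channel 14 sits apart at 2484 MHz."""
    if channel == 14:
        return 2484
    if 1 <= channel <= 13:
        return 2412 + 5 * (channel - 1)
    raise ValueError(f"802.11b defines channels 1 to 14, got {channel}")


def channels_overlap(a: int, b: int) -> bool:
    """Two channels overlap when their centers are less than one channel width apart."""
    return abs(center_frequency_mhz(a) - center_frequency_mhz(b)) < CHANNEL_WIDTH_MHZ


def non_overlapping_plan(available: Iterable[int] = range(1, 14)) -> List[int]:
    """Greedily pick channels that do not overlap each other, from the channels
    allowed locally (the slide notes that not all 14 are available worldwide).
    For channels 1 to 13 this yields the classic 1 / 6 / 11 plan."""
    chosen: List[int] = []
    for ch in available:
        if all(not channels_overlap(ch, c) for c in chosen):
            chosen.append(ch)
    return chosen


def placement_conflicts(
    ap_channels: Dict[str, int], neighbours: Iterable[Tuple[str, str]]
) -> Tuple[List[Tuple[str, str]], List[Tuple[str, str]]]:
    """Check a building plan. ap_channels maps Access Point name -> channel;
    neighbours lists the pairs of APs whose radio cells cover a common area.
    Returns (same_channel_pairs, overlapping_channel_pairs): the first must be
    fixed (same channel in the same area), the second only degrades availability."""
    same: List[Tuple[str, str]] = []
    overlapping: List[Tuple[str, str]] = []
    for x, y in neighbours:
        cx, cy = ap_channels[x], ap_channels[y]
        if cx == cy:
            same.append((x, y))
        elif channels_overlap(cx, cy):
            overlapping.append((x, y))
    return same, overlapping


if __name__ == "__main__":
    # Constructed floor plan: AP-A and AP-C both overlap the cell of AP-B.
    plan = {"AP-A": 1, "AP-B": 1, "AP-C": 3}
    print(non_overlapping_plan())  # [1, 6, 11]
    print(placement_conflicts(plan, [("AP-A", "AP-B"), ("AP-B", "AP-C")]))
```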
Availability
Denial of Service vulnerabilities on Wireless Networking


• Unspecified Network Traffic
• Multiple authentication requests
• Recursive JavaScript events
• Improper JavaScripts
• Internet frames refresh
• Send de-authentication packets
• Send authentication error packets
• Simulation of an Access Point
• Send gigantic files
• Proxying / Hijacking (handling traffic between two machines)
• Man-in-the-middle attack
• Impersonation





Figure 1-16. Availability WL191.0 


Notes: 


Denial of Service vulnerabilities on Wireless Networking 
Encryption


Encryption: Computer science to scramble data to prevent
unauthorized access.

Symmetrical encryption: 802.11 WEP
[Diagram: the same key is used to encrypt and to decrypt the data]

Asymmetrical encryption: Public Key Infrastructure
[Diagram: a private key and its public counterpart applied to the data]














Figure 1-17. Encryption WL191.0 


Notes: 


Encryption: Computer science to scramble data to prevent unauthorized access. 
Integrity





Integrity: From Latin integer (whole), data integrity indicates 
that information does not suffer any kind of alteration. 


Protection from lost or damaged data due to malicious actions. 


• Use efficient encryption techniques to secure data transmitted over shared domains.
• Protect network accesses to avoid Man-in-the-middle attacks and impersonation.
• Detect and prevent proxying / hijacking.








Figure 1-18. Integrity WL191.0 


Notes: 


Integrity: From Latin integer (whole), data integrity indicates that information does not
suffer any kind of alteration.
Virus





Virus: Any of various submicroscopic, often pathogenic parasites that 
consist essentially of a core of RNA or DNA surrounded by a protein 
coat. A computer virus is an illegal program installed by a 
malicious action, containing actions intended to create disasters. 





[Diagram: a legal program with its normal flow, next to an infested program whose flow
is disturbed by the virus]





Figure 1-19. Virus WL191.0 


Notes: 


A computer virus is an illegal program installed by a malicious action, containing actions 
intended to create disasters. 
Virus example





From: lvprocom <Ivprocom@aol.com> 
30/01/2003 02:07 


To: [Your email address] 


Subject: A WinXP patch [“Your company's antivirus detection system has 
identified a virus in an attachment to this e-mail. The attachment has been 
deleted and replaced with a dummy file. No further reporting or action is 
required on your part. THIS E-MAIL IS NOW SAFE TO OPEN. 


Visit “Your.company.URL/virus for more information."] 


ccrpnews.pif
This is a WinXP patch 


I hope you enjoy it. 








Figure 1-20. Virus example WL191.0 


Notes: 


This E-mail has really been sent on the IBM mail system. 
Virus avoidance





Viruses have many ways to spread themselves to other computers:
• Email attachments (executables)
• Unprotected network shares (not password protected)
• etc.

Weaknesses of personal computers:
• Unprotected email system
• Executing infected files
• Receiving infection from infected friends' systems
• Administrative shares (ADMIN$, C$ and IPC$) with trivial password.
• Excessive usage of file sharing (even when not protected)

Recommendations:
• Disable file and print sharing
• Use a personal firewall, such as Symantec Desktop Firewall
• Protect Administrator, Guest and Owner accounts with good passwords
(ITCS300)
• Use the latest anti-virus available.





Figure 1-21. Virus avoidance WL191.0 


Notes: 


Recommendations to follow. 
Worm

Worm: Any of various invertebrates, such as an earthworm or 
tapeworm, having a long, flexible, rounded or flattened body. A 
computer worm is a piece of program appended to a legal 
program, producing undesirable results. 

[Diagram: a legal program with its normal flow, next to an infested program whose flow
is disturbed by the worm appended to it]





Figure 1-22. Worm WL191.0 


Notes: 


A computer worm is a part of program appended to a legal program, producing undesirable 
effects. 
Worm example







From: Your company_Security_department@main_location 

To: All company employees

Subject: ACTION REQUIRED - BAT_SPYBOT.A (aka BAT.MUMU.A.WORM) 
Vulnerability: BAT_SPYBOT.A (aka BAT.MUMU.A.WORM) 

Systems affected: Windows 2000, Windows XP and Windows NT4. 


Problem defined: The BAT_SPYBOT.A worm performs a brute-force password guessing attack by which it 
attempts to gain access to administrator privileges on workstations running Windows 2000, Windows XP and 
Windows NT4 and spread itself throughout the network. The worm significantly slows network connectivity. 


The most vulnerable systems are those on which trivial or no passwords are in use. 
Take action! 


All employees should take the following actions immediately: 


Run LiveUpdate (http://your_company.com/Virus/liveupdate.html) - to acquire the latest virus definitions for your 
anti-virus application. 


Scan your workstation (http://your_company.com/virus/navscansteps.html) - after you have updated your virus 
definitions. 


Ensure your Windows password complies with the password security standard of your company. 
Your Windows password is what you use to log in to your PC. 

Verify that your password is compliant; if the password complies, no further action is necessary. 
If your password is not compliant, you must change it immediately. 


To change your password, hit CTRL+ALT+DELETE, select Change Password, and enter a new password 
complying with the password security standard. Click OK. 


Additional information is available at http://your_company.com/virus 





Figure 1-23. Worm example WL191.0 


Notes: 


This slide shows the action of the IBM antivirus team when they are informed of the 
presence of a worm. 
Hoax
Hoax: An act intended to deceive or trick. An attempt to make you 
execute an invalid action. 
[Diagram: Legal program -> You -> Legal program; the flow stays normal on both sides,
the hoax only acts on you]
Figure 1-24. Hoax WL191.0 


Notes: 


Hoax: An act intended to deceive or trick. An attempt to make you execute an invalid 
action. 
Exploit





Exploit: A method using the known vulnerabilities of applications 
or operating systems to run specific programs like read / write 
on disk, or enter a network. 





[Diagram: a bugged program with its normal entry and normal functions, and an
unexpected entry through the vulnerability]





Figure 1-25. Exploit WL191.0 


Notes: 


Exploit: A method using the known vulnerabilities of applications or operating systems to 
run specific programs like read / write on disk, or enter a network. 
Exploit example 1





Motorola Cable router hole 


Description: Motorola Cable Routers listen on port 1024 regardless of IP access restrictions for 
some reason. This hole in combination with the default login: cablecom password: router can 
lead to easy unauthorized access 


Author: January <january@SPY.NET> 
Compromise: unauthorized administrator access 


Vulnerable Systems: Motorola Cable Routers, especially those where the admin left the default 
passwords in place (always a horrible idea). 


Date: 10 May 1998 


Notes: Cable modem users must connect from the Internet interface, not from the interface on 
their side of the router. Also Motorola wrote me to say this has been fixed. They claim that all 
customers have upgraded to newer software. 


Source: Internet. 





Figure 1-26. Exploit example 1 WL191.0 


Notes: 


An exploit using a Motorola product weakness. 
Exploit example 2





Vulnerability with -C in *IBM's* version of sendmail 





Description: Supposedly, /usr/lib/sendmail -C <anyfile> will display the file specified regardless 
of permissions. This is also true on versions of sendmail prior to 8.8.7 if they are installed 
setgid. They shouldn't be setgid, but an errant makefile sets them that way. 


Author: "DI. Dr. Klaus Kusche" <Klaus.Kusche@OOE.GV.AT> 
Compromise: Read files beyond your permission. 


Vulnerable Systems: the IBM sendmail on AIX 4.1.5 and sendmail prior to 8.8.7 which is 
installed setgid. 


Date: 6 August 1997 


Notes: A post from Troy Bollinger at IBM clarified that you have to be in the "system" group 
(gid 0) in order to use the -C trick. This limits the exploit potential A LOT! Also, A post by Eric 
Allman is appended to Dr. Kusche's post. 


Source: Internet. 





Figure 1-27. Exploit example 2 WL191.0 


Notes: 


An exploit using an IBM product weakness. 
WLAN Security Glossary


Ad-Hoc network: Self created network
CCX: Cisco Client eXtension 
CCW: Cisco Compatible Wireless 
EAP: Extensive Authentication Protocol 
EAP-TTLS: EAP - Tunneled Transport Layer Security 
LEAP: Cisco Proprietary 802.1x extension 
MAC: Media Access Control 
PAN: Personal Area Network 
PDA: Personal Digital Assistant 
PWLAN: Public WLAN 
RADIUS: Remote Authentication Dial-In User Service 
Rogue AP: A pirate Access Point inserted in a WLAN
SSID: Subsystem identification 
VPN: Virtual Private Network 
WAN: Wide Area Network 
WEP: Wired Equivalent Privacy 
Wi Fi: Wireless Fidelity 
WLAN: Wireless Local Area Network 
WPA: Wi Fi Protected Access. WPA 2.0 = 802.11i 





Figure 1-28. WLAN Security Glossary WL191.0 


Notes: 


Some terms currently used in the wireless network security world. 
End to end security

Figure 1-29. End to end security WL191.0


Notes: 


This slide shows a typical network using private and public networks.
Summary

• Firewall:
  ✓ What is it?
  ✓ How do we manage it?
• Hacker.
• Authentication.
• Privacy.
• Trust.
• Access control.
• Confidentiality.
• Accountability:
  ✓ What is it?
  ✓ Trusted transaction.
• Availability:
  ✓ What is it?
  ✓ 802.11 channels.
  ✓ Denial of service.
• Encryption.
• Integrity.
• Virus:
  ✓ What is it?
  ✓ Virus example.
  ✓ Virus avoidance.
• Worm:
  ✓ What is it?
  ✓ Worm example.
• Hoax.
• Exploit:
  ✓ What is it?
  ✓ Exploit example 1.
  ✓ Exploit example 2.
• WLAN security glossary.
• End to end security.

Figure 1-30. Summary WL191.0

Notes:

What this unit has covered.
Unit 2. The network objects related to security


What This Unit Is About 


This unit describes all the objects that are involved in a security
process within the enterprise. Here, the term "network" should be understood
in a very global way, as "any object that exchanges data with another
object, with or without storing it, with or without a permanent
connection, with or without being submitted to an authority when trying
to exchange data with another object". The main purpose of this unit is
to explain the interactions between objects, what we could also name
"the how".


What You Should Be Able to Do 


After completing this unit, you should be able to: 


¢ Define precisely all the objects that are involved in security 
processes within the enterprise. 


• Explain how security is a distributed process implemented within
all the objects.
Welcome to:

WL19

Wireless End to End Security

Unit 2: Network structure

Figure 2-1. WL19 WL191.0


Notes: 


WL19 unit 2 introduces the elements related to security in a network.


Wireless networking is mainly addressed through Wi-Fi and Bluetooth that use different 
concepts to achieve different usages. Those two complementary technologies are also 
complementary with others, for which the same security principles apply. 
Objectives

After completing this unit, you should be able to:


¢ Define precisely all the objects involved in security 
processes within the enterprise. 


¢ Explain how the security is a distributed process 
implemented within all the objects. 








Figure 2-2. Objectives WL191.0 
Notes: 
Contents


• Corporate Security View
• Network lines and cables
• The Wireless Network transmitters-receivers
• The Network Nodes
• The Third Party Network Service Providers
• The End-User’s equipments
• User authentication methods
• 802.11: Authentication modes
• 802.11: WEP Encryption
• 802.11: MAC frames / WEP
• Weakness of WEP
• Security in Wi Fi
• Bluetooth authentication
• Bluetooth encryption
• Bluetooth: Radio range
• Bluetooth: Public usages
• Encryption: PKI





Figure 2-3. Contents WL191.0 


Notes: 


This slide is a list corresponding to the next slides that cover the objectives of this unit. 
Corporate Security View








Figure 2-4. Corporate Security View WL191.0 


Notes: 


A centralized network will focus on performance and operations first. This leads to
considering the associated security at application level and in the network-related operations.
Network Lines and Cables





User needs: e-mail, Internet access, data synchronization, data sharing and printing.
Conditions: Without wires, independent of location and within the standards and
security restrictions.

[Diagram: products placed on their networking domain]
✓ TPP/WPP Wireless modems/Bluetooth cell phones
✓ IBM SecureWay Firewall/VPN
✓ SecureWay Wireless Gateway
✓ IBM 802.11b Home Gateway
✓ IBM Bluetooth
✓ Wayport
✓ MobileStar
✓ IBM VPN
✓ IBM 802.11b Access Points
✓ 802.11b Access Servers
✓ IBM Bluetooth options

Figure 2-5. Network lines and cables WL191.0


Notes: 


Networking is mainly spread into three domains:

• PAN (Personal Area Networks)
• LAN (Local Area Networks)
• WAN (Wide Area Networks)

This slide shows typical examples in a wireless and mobile context.
Network Lines and Cables

Figure 2-6. Network lines and cables WL191.0


Notes: 


This slide continues to show the typical usages and connectivity of the three networking
domains, but here we focus on the existence of a private domain and its internal and external
connections.
The Wireless Network Transmitters-receivers

[Pictures: Bluetooth and Wi Fi products, including a PDA + Wi Fi]

Figure 2-7. The Wireless Network transmitters-receivers WL191.0
Notes:
Here are some products providing various types of connectivity.
The Network Nodes





[Diagram: a router built around a switch; packets enter on one side
(source / destination) and leave on the other (destination / source)]

Figure 2-8. The Network Nodes WL191.0

Notes:

Here we see a router and its main component: the switch. This is just an example of
configuration. Many possibilities exist.
The Third-party Network Service Providers











Figure 2-9. The Third-Party Network Service Providers WL191.0 


Notes: 


Security concerns are complex when a network combines private domains, connected both
through the public domain and through a semi-public provider.

The End-user’s Equipments

Figure 2-10. The End-User’s equipments WL191.0

Notes:

Here is some of the equipment found on the market today, and the networking
standards it uses.
User Authentication Methods


What you know
  Examples: User ID, Password, PIN
  Weaknesses: shared; many passwords easy to guess; forgotten

What you have
  Weaknesses: shared; can be duplicated; lost or stolen

What you know and what you have
  Examples: ATM card + PIN
  Weaknesses: shared; PIN a weak link (writing the PIN on the card)

Something unique about the user (something you are)
  Examples: Fingerprint, Face, Iris, Voice print
  Strengths: not possible to share; repudiation unlikely; forging difficult;
  cannot be lost or stolen

Source: IBM Systems Journal, Vol 40, No 3, 2001 - © 2001 IBM,
“Enhancing security and privacy in biometrics-based authentication systems”

Figure 2-11. User authentication methods WL191.0

Notes:

Unit 1 defined Authentication. Here are the general ways to perform it.
802.11: Authentication Modes


Open System authentication. In an Open System, any station may become 
authenticated. This is the Default authentication mode. 


Shared Key authentication. Use of this authentication mechanism requires 
implementation of the wired equivalent privacy (WEP) option. In a Shared Key 
authentication system, identity is demonstrated by knowledge of a shared, 
secret, WEP encryption key. 


Station                                                Access Point
   Authentication request ------------------------------->
   <---------------------------- Challenge (random number)
   Response (encrypted random number) ------------------->
   <---------------------------------- Authentication result

Mutual authentication is required. Client identified by AP, and AP identified by client.





Figure 2-12. 802.11: Authentication modes WL191.0 


Notes: 


By default, 802.11 performs an Open System authentication, where any station can be 
recognized. Fortunately this standard also uses a strong authentication method called 
Shared Key authentication, where a key must be recognized by both parties to achieve the 
connection process. 
802.11: WEP Encryption

Symmetrical encryption: 802.11 WEP (diagram on the slide). The Key gives the Seed; the Seed produces the key sequence. Encryption XORs the key sequence with the Plain Data to give the Encrypted data; Decryption XORs the same key sequence with the Encrypted data to recover the Plain Data.

WEP: The optional cryptographic confidentiality algorithm specified by IEEE 802.11 used to provide data confidentiality that is subjectively equivalent to the confidentiality of a wired local area network (LAN) medium that does not employ cryptographic techniques to enhance privacy.

Source: IEEE 802.11

Figure 2-13. 802.11: WEP Encryption

Notes:

Considering the additional risk due to radio transmission compared with a wired network, the 802.11 standard set itself the objective of offering data protection equivalent to that of a wired network (LAN) in which no data encryption is used. This is the reason for the name WEP (Wired Equivalent Privacy).
802.11: MAC Frames / WEP

802.11 MAC frame format (diagram on the slide): the Frame Body field is 0 to 2312 bytes long and is followed by a 4-byte FCS. The Frame Control field is subdivided into fields of 2, 2, 4, 1, 1, 1, 1, 1, 1 and 1 bits, one of which is the WEP bit.

WEP = 1 if the Frame Body field contains information that has been processed by the WEP algorithm.
WEP = Wired Equivalent Privacy.

Source: IEEE 802.11

Figure 2-14. 802.11: MAC frames / WEP

Notes:

Using encryption is optional in 802.11.
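The frame layout described above, as an added worked example that is not part of the course material and not IEEE code: it decodes the Frame Control field (the field names and bit positions are those of IEEE 802.11-1999, which the slide only gives as bit widths), verifies the 4-byte FCS, locates the IV and KeyID that WEP prepends to the Frame Body when the WEP bit is set, and runs a defender's check that lists data frames sent with the WEP bit clear. The addresses and frame contents are constructed sample values.

```python
"""Added example (not from the course or from IEEE): decode the 802.11
Frame Control field, check the FCS, locate the WEP IV/KeyID header and
flag data frames whose WEP bit is clear.  Sample frames are constructed
below with dummy addresses."""
import struct
import zlib
from dataclasses import dataclass

FRAME_TYPES = {0: "management", 1: "control", 2: "data"}


@dataclass
class FrameControl:
    version: int      # 2 bits  (protocol version, 0 in 802.11-1999)
    ftype: int        # 2 bits  (0 management, 1 control, 2 data)
    subtype: int      # 4 bits
    to_ds: bool       # the remaining fields are 1 bit each
    from_ds: bool
    more_frag: bool
    retry: bool
    pwr_mgmt: bool
    more_data: bool
    wep: bool         # 1 = Frame Body was processed by WEP
    order: bool


def parse_frame_control(frame: bytes) -> FrameControl:
    """Frame Control is the first two octets of the MAC header, little-endian."""
    (fc,) = struct.unpack_from("<H", frame, 0)
    return FrameControl(
        version=fc & 0x3,
        ftype=(fc >> 2) & 0x3,
        subtype=(fc >> 4) & 0xF,
        to_ds=bool(fc & 0x0100),
        from_ds=bool(fc & 0x0200),
        more_frag=bool(fc & 0x0400),
        retry=bool(fc & 0x0800),
        pwr_mgmt=bool(fc & 0x1000),
        more_data=bool(fc & 0x2000),
        wep=bool(fc & 0x4000),
        order=bool(fc & 0x8000),
    )


def header_length(fc: FrameControl) -> int:
    """Data/management header: 24 octets, or 30 when a fourth address is
    present (To DS and From DS both set).  Control frames are not handled."""
    if FRAME_TYPES.get(fc.ftype) not in ("management", "data"):
        raise ValueError("control frames have their own header layouts")
    return 30 if (fc.to_ds and fc.from_ds) else 24


def fcs_ok(frame: bytes) -> bool:
    """The FCS is a CRC-32 over header and body, stored little-endian at the end."""
    covered, fcs = frame[:-4], frame[-4:]
    return struct.pack("<I", zlib.crc32(covered)) == fcs


def wep_params(frame: bytes):
    """For a WEP-processed frame, return (IV, KeyID) from the 4-octet header
    that WEP prepends to the Frame Body; None when the WEP bit is clear."""
    fc = parse_frame_control(frame)
    if not fc.wep:
        return None
    start = header_length(fc)
    iv = frame[start:start + 3]
    key_id = frame[start + 3] >> 6          # KeyID lives in the top 2 bits
    return iv, key_id


def unprotected_data_frames(frames) -> list:
    """Defender's check: indexes of data frames whose body is not WEP-protected.
    Where policy requires WEP, each hit is a misconfigured or foreign station."""
    hits = []
    for i, frame in enumerate(frames):
        fc = parse_frame_control(frame)
        if FRAME_TYPES.get(fc.ftype) == "data" and not fc.wep:
            hits.append(i)
    return hits


def build_frame(fc_value: int, body: bytes) -> bytes:
    """Constructed sample frame: Frame Control, Duration, three dummy
    addresses, Sequence Control, then the body and a correct FCS."""
    header = (struct.pack("<H", fc_value) + b"\x00\x00"
              + b"\x11" * 6 + b"\x22" * 6 + b"\x33" * 6 + b"\x00\x00")
    payload = header + body
    return payload + struct.pack("<I", zlib.crc32(payload))


if __name__ == "__main__":
    # Type 2 (data) puts 0b10 in bits 2-3 -> 0x0008; the WEP bit is 0x4000.
    wep_frame = build_frame(0x4008, b"\x01\x02\x03" + b"\x40" + b"ciphertext" + b"\x00" * 4)
    plain_frame = build_frame(0x0008, b"hello")
    beacon = build_frame(0x0080, b"")      # management, subtype 8 (beacon)
    print(wep_params(wep_frame))           # (b'\x01\x02\x03', 1)
    print(unprotected_data_frames([wep_frame, plain_frame, beacon]))  # [1]
```

The check only looks at the WEP bit, which is exactly what the slide defines: it says nothing about which key was used or whether the key is any good, so it complements rather than replaces the weaknesses discussed on the next slides.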
Weakness of WEP

WEP uses the RC4 stream cipher, developed by Ron Rivest in 1987 and disclosed in September 1994. RC4 is 10 times faster than DES.

Invariance weakness attack:
Takes advantage of the use of weak keys, such as ASCII text or similar. Using weak keys considerably reduces the number of possible keys to try.

Known IV attack:
It is generally easy to determine the first word of a message, which is generally a constant like the date or the address of the sender. With this information, determining the key requires only 1,000,000 to 5,000,000 packets.

Authentication attack:
Capturing the challenge-response authentication packets exchanged by a legitimate user provides enough information to initiate a valid authentication request.

Reference: Weaknesses in the key scheduling algorithm of RC4, S. Fluhrer, I. Mantin, A. Shamir, August 2000

Figure 2-15. Weakness of WEP

Notes:

WEP weaknesses have been identified. Several attack possibilities exist; they look easy to implement and do not require extensive investment.
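The WEP pipeline of Figure 2-13 and the IV-related weakness on this slide, written out as one added example that is not code from the course or from IEEE: RC4 is implemented in full, the seed is the 24-bit IV followed by the shared key, the CRC-32 ICV is appended before encryption, and a defender-side check groups captured frames by IV to find the key-stream reuse that the "known IV" material depends on. The 1-octet KeyID field that real WEP places after the IV is left out for brevity, and the key and frames are constructed values.

```python
"""Added example (not the course's or IEEE's code): the WEP pipeline of
Figure 2-13 (seed = IV || shared key, RC4 key stream XORed with the plain
data and its CRC-32 ICV) plus a defender-side IV-reuse check.  The KeyID
octet of real WEP is omitted; key and frames below are constructed."""
import struct
import zlib
from collections import defaultdict


def rc4_keystream(seed: bytes, length: int) -> bytes:
    """RC4: key-scheduling (KSA) followed by the pseudo-random generator (PRGA)."""
    s = list(range(256))
    j = 0
    for i in range(256):
        j = (j + s[i] + seed[i % len(seed)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    out = bytearray()
    i = j = 0
    for _ in range(length):
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) & 0xFF])
    return bytes(out)


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def icv(plain: bytes) -> bytes:
    """WEP integrity check value: CRC-32 of the plain data, little-endian."""
    return struct.pack("<I", zlib.crc32(plain))


def wep_encrypt(key: bytes, iv: bytes, plain: bytes) -> bytes:
    """Seed = IV (24 bits, sent in clear) || key (40 or 104 bits).
    Output: IV || RC4(seed) XOR (plain || ICV)."""
    if len(iv) != 3 or len(key) not in (5, 13):
        raise ValueError("IV must be 3 octets, key 5 or 13 octets")
    stream = rc4_keystream(iv + key, len(plain) + 4)
    return iv + xor(plain + icv(plain), stream)


def wep_decrypt(key: bytes, frame: bytes):
    """Recover the plain data; None when the ICV does not verify."""
    iv, body = frame[:3], frame[3:]
    dec = xor(body, rc4_keystream(iv + key, len(body)))
    plain, tag = dec[:-4], dec[-4:]
    return plain if icv(plain) == tag else None


def find_iv_reuse(frames) -> dict:
    """Group captured frames by IV.  Under a static key the IV alone selects
    the key stream, so two frames carrying one IV were XORed with the same
    bytes.  With only 2^24 IVs a busy cell repeats them within hours."""
    by_iv = defaultdict(list)
    for idx, frame in enumerate(frames):
        by_iv[frame[:3]].append(idx)
    return {iv: idxs for iv, idxs in by_iv.items() if len(idxs) > 1}


def keystream_cancels(frame_a: bytes, frame_b: bytes) -> bytes:
    """Why IV reuse matters: the XOR of two bodies encrypted under the same IV
    is the XOR of the two plaintexts (with their ICVs); the key stream is gone."""
    return xor(frame_a[3:], frame_b[3:])


if __name__ == "__main__":
    key = b"\x01\x02\x03\x04\x05"                            # constructed 40-bit key
    f1 = wep_encrypt(key, b"\x00\x00\x01", b"hello world")
    f2 = wep_encrypt(key, b"\x00\x00\x01", b"hello there")   # same IV reused
    f3 = wep_encrypt(key, b"\x00\x00\x02", b"hello there")
    print(wep_decrypt(key, f1))                    # b'hello world'
    print(find_iv_reuse([f1, f2, f3]))             # {b'\x00\x00\x01': [0, 1]}
```

Two properties of the slide's claims show up directly in the code: the ICV is a plain CRC-32 rather than a keyed MAC, so it detects accidental corruption but is not an authentication of the sender, and nothing in the standard forces a station to advance the IV, which is why a monitoring tool that counts repeated IVs per BSSID is a cheap and reliable indicator that a WEP cell needs to be migrated to the WPA or 802.11i solutions of the next slide.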
Security in Wi-Fi

Recommendations:

Build secure standards:
The 802.11 WEP weaknesses would have been avoided by taking advice from security experts.

Use encryption to exchange management packets:
Most network management packets are exchanged in clear. This allows hijacking and impersonation. Encryption techniques can generally be used to carry those frames.

Preferably use WPA devices:
Wi-Fi Protected Access is an approach to temporarily solve the WEP weaknesses. It uses the TKIP protocol (Temporal Key Integrity Protocol), which imposes a change of the key when a packet greater than 10 KB has been sent.

Possibly design 802.11i solutions:
IEEE is developing the 802.11i standard as a complement to 802.11, based on an 802.1X/EAP (Extensible Authentication Protocol) architecture that will allow the distribution of encryption keys per user in each session. There we find:

• LEAP (Lightweight EAP) from Cisco, a proprietary solution based on RADIUS and LDAP,
• EAP-TLS (Transport Layer Security), an open standard adopted by most providers, based on EAP and using a PKI infrastructure at the RADIUS authentication server.

Figure 2-16. Security in Wi-Fi

Notes:

Solutions exist to secure LAN transmissions.
Bluetooth Authentication

Bluetooth defines two types of devices: trusted and untrusted (or unknown).

Bluetooth usage cases are defined in Profiles.

A Profile defines a selection of messages and procedures (generally termed capabilities) from the Bluetooth SIG specifications and gives an unambiguous description of the air interface for specified service(s) and use case(s).

Authentication is one of the procedures defined in the Profile. It is part of the product implementation. It is guaranteed by the Qualification Program.

A Bluetooth device must be qualified with at least one supported Profile. Two devices intended to work together are associated by Pairing.

Two unknown devices may communicate although they are not associated, but a high level of protection is achieved by using Pairing.

Authentication of paired devices is done by challenge-response.

Figure 2-17. Bluetooth authentication

Notes:

Basically, according to the Bluetooth Core specifications, Bluetooth communications can optionally be protected, but in a given usage the protection is mandatory, as specified in the corresponding profile.
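The challenge-response authentication of paired devices, and the mutual authentication required by Figure 2-12, as an added example that is not from the course or from the Bluetooth SIG: two devices sharing a link key authenticate each other with fresh random challenges, and a keyed HMAC-SHA256 response stands in for the cipher-based functions of the real protocols (it is neither Bluetooth's E1 function nor the WEP-encrypted 802.11 Shared Key response). The device addresses and the link key are constructed values.

```python
"""Added example (not from the course or from the Bluetooth SIG): a
challenge-response mutual authentication between two paired devices that
share a link key.  It follows the message flow of Figures 2-12 and 2-17
with a generic HMAC-SHA256 response; it is NOT Bluetooth's E1 function nor
the WEP-based 802.11 Shared Key response.  Addresses and the link key
are constructed values."""
import hashlib
import hmac
import secrets


def response(link_key: bytes, challenge: bytes, responder_addr: bytes) -> bytes:
    """Response = MAC over the challenge and the responder's own address, so a
    response captured from device A cannot be presented on behalf of device B."""
    return hmac.new(link_key, challenge + responder_addr, hashlib.sha256).digest()


class Device:
    def __init__(self, name: str, addr: bytes, link_key: bytes):
        self.name = name
        self.addr = addr
        self.link_key = link_key

    def new_challenge(self) -> bytes:
        """A fresh 128-bit random challenge per authentication; never reused."""
        return secrets.token_bytes(16)

    def answer(self, challenge: bytes) -> bytes:
        return response(self.link_key, challenge, self.addr)

    def verify(self, challenge: bytes, resp: bytes, claimant_addr: bytes) -> bool:
        expected = response(self.link_key, challenge, claimant_addr)
        return hmac.compare_digest(expected, resp)   # constant-time compare


def one_way_authenticate(verifier: Device, claimant: Device) -> bool:
    """Verifier -> claimant: challenge.  Claimant -> verifier: response."""
    challenge = verifier.new_challenge()
    return verifier.verify(challenge, claimant.answer(challenge), claimant.addr)


def mutual_authenticate(a: Device, b: Device) -> bool:
    """Both directions must succeed: A identifies B, then B identifies A."""
    return one_way_authenticate(a, b) and one_way_authenticate(b, a)


def replay_succeeds(verifier: Device, captured_response: bytes, claimed_addr: bytes) -> bool:
    """Model an observer who recorded a legitimate response and presents it in
    a new session.  The verifier issues a fresh challenge, so the old response
    no longer matches, and a MAC response reveals nothing about the key."""
    fresh = verifier.new_challenge()
    return verifier.verify(fresh, captured_response, claimed_addr)


if __name__ == "__main__":
    link_key = bytes(range(16))                            # constructed
    phone = Device("phone", b"\x00\x11\x22\x33\x44\x55", link_key)
    laptop = Device("laptop", b"\x66\x77\x88\x99\xaa\xbb", link_key)
    stranger = Device("stranger", laptop.addr, bytes(16))  # knows the address, not the key
    print(mutual_authenticate(phone, laptop))              # True
    print(mutual_authenticate(phone, stranger))            # False
```

The contrast with the 802.11 Shared Key exchange of Figure 2-12 is the point: there the response is the challenge encrypted with the WEP key stream, so one observed exchange is enough to reproduce a valid response (the "authentication attack" of Figure 2-15), whereas a keyed MAC response gives an observer nothing reusable, and binding the responder's address into it stops a response from one paired device being presented as another.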
Bluetooth Authentication

Figure 2-18. Bluetooth authentication

Notes:

Strong protection is achieved by pairing devices.
Bluetooth Encryption

Symmetrical encryption: stream ciphering for Bluetooth with E0 (diagram on the slide, with the device Address among the inputs of E0 Step 1, E0 Step 2 and E0 Step 3, and an XOR of the E0 output with the Plain text to give the Cipher text, or with the Cipher text to recover the Plain text).

Figure 2-19. Bluetooth encryption

Notes:

Bluetooth encryption uses a different algorithm than the 802.11 standard.
Bluetooth: Radio Range

Security is also provided by the limited range: three emission levels are available in Bluetooth, 20 dBm, 4 dBm and 0 dBm, respectively called Class 1, 2 and 3 devices.

Power control: Power control is required for power class 1 equipment. The power control is used for limiting the transmitted power above 0 dBm. A mixed combination of devices therefore has an emission power equal to the power of the less powerful device.

Range: Typically a Class 1 device has a range equivalent to a LAN device, about 100 meters, assuming that it is connected to another Class 1 device. Small devices, which are battery powered, are typically Class 3 and have a 10 meter range. Laptops which integrate both Bluetooth and 802.11b are also Class 3 devices (on the Bluetooth implementation) to reduce interference with the LAN and allow simultaneous operation.

Limited range improves security in wireless communications.

Figure 2-20. Bluetooth: Radio range

Notes:

As soon as the range is reduced, the security is improved, but let's first correct a common public mistake.

People believe that the Bluetooth radio range is 10 meters. Actually, according to the Bluetooth specification, the range can be as long as that of an 802.11 radio communication, but Bluetooth works in specific conditions which change the game.
Bluetooth: Public Usages

Tourism application (illustration on the slide)

Ad hoc connectivity does not always require security, but always requires awareness.

Figure 2-21. Bluetooth: Public usages

Notes:

The previous slides have shown the usage of LAN and PAN technologies to securely transport data.
Encryption: PKI

Asymmetrical encryption: Public Key Infrastructure

Figure 2-22. Encryption: PKI

Notes:

PKI is a way to personalize an encryption.
Summary

Network structure:
• Corporate Security View
• Network lines and cables
• The Wireless Network transmitters-receivers
• The Network Nodes
• The Third Party Network Service Providers
• The End-User's equipments
• User authentication methods
• 802.11: Authentication modes
• 802.11: WEP Encryption
• 802.11: MAC frames / WEP
• Weakness of WEP
• Security in Wi-Fi
• Bluetooth authentication
• Bluetooth encryption
• Bluetooth: Radio range
• Bluetooth: Public usages
• Encryption: PKI

Figure 2-23. Summary

Notes:

What this unit has covered.
Unit 3. The enterprise objects related to security

What This Unit Is About

The purpose of this unit is to explain why objects interfere with each other.

Here, we will mainly focus on the semantic part of the objects, the meaning they carry, and why security should be considered each time the objects are processed.

What You Should Be Able to Do

After completing this unit, you should be able to:

• Establish your enterprise criteria which will be used to qualify the security measures to apply to the objects.
Welcome to:

WL19
Wireless End to End Security

Unit 3: The enterprise objects related to security

Figure 3-1. WL19

Notes:

WL19 unit 3 introduces the objects of the enterprise that are related to security.

This includes the equipment, the data and the processes.
Objectives

After completing this unit, you should be able to:

• Establish your enterprise criteria which will be used to qualify the security measures to apply to the objects.

Figure 3-2. Objectives

Notes:
Contents

• Enterprise systems evolution
• Enterprise structure data
• Enterprise business data
• Access control data
• Data related to individuals
• Access control risk management
• Access policy metrics
• Information flow risk management
• Flow policy metrics
• Credential system risk management
• Identity policy metrics
• Risk management profile
• Assessing security risks
• IBM embedded Security Subsystem
• Proximity lockout badge
• Biometry technologies
• Biometry categories

Figure 3-3. Contents

Notes:

This slide is a list corresponding to the next slides that cover the objectives of this unit.
Enterprise Systems Evolution

Figure 3-4. Enterprise systems evolution

Notes:

The traditional picture of enterprise systems has changed because of miniaturization and improvements. Now we have powerful computers (laptops, PDAs, etc.) which in addition are portable.
Enterprise Structure Data

Figure 3-5. Enterprise structure data

Notes:

Here we look at the kind of data that represent the structure of the enterprise.
Enterprise Business Data

Figure 3-6. Enterprise business data

Notes:

Here we look at the kind of data that represent the business of the enterprise.





© Copyright IBM Corp. 2003 Unit 3. The enterprise objects related to security 3-7 


Course materials may not be reproduced in whole or in part 
without the prior written permission of IBM. 


Student Notebook 





Access Control Data

(Diagram on the slide: Personal devices and Data / Application servers.)

Figure 3-7. Access control data

Notes:

Access control generates data. This slide deals with this kind of data.
Data Related to Individuals

Figure 3-8. Data related to individuals

Notes:

Knowing the skills covered by the personnel of an enterprise is equivalent to knowing the enterprise structure.
Access Control Risk Management

Access Management functions:
• Identification Manager
• Authentication Manager
• Authorization Manager
• Subject Binding Manager
• Interaction State Manager
• Access Policy Management Service

Figure 3-9. Access control risk management

Notes:

This slide shows how to determine the list of functions to be considered as part of risk management. The example is access control. The next slide will indicate how to produce a list of policies that matches the risk management functions.
Access policy metrics

Access control:
• Method of identification
• Method of authentication
• Method of authorization
• Method of binding
• Method of state management
• Method of recording events

Figure 3-10. Access policy metrics

Notes:

The policies provide reference elements to make the security functions measurable.
Information Flow Risk Management

Flow Control functions (diagram on the slide)

Figure 3-11. Information flow risk management

Notes:

The information flow is another domain to be managed on the model of access control.
Flow Policy Metrics

• Method of attachment
• Protocols and connections
• Interactions permitted
• Boundaries enforced
• Method for privacy
• Method for recording events

Figure 3-12. Flow policy metrics

Notes:

Again, the policies must match the functions and have a value.
Credential System Risk Management

Identity Management functions (diagram on the slide)

Figure 3-13. Credential system risk management

Notes:

After access control and information flow, identity / credential is a new domain.
Identity Policy Metrics

Identity Policy:
• Method of enrollment
• Method of approval
• Method of Id creation
• Method of Id package
• Method of Id distribution
• Method of Id validation
• Method of cycle management
• Method for recording events

Figure 3-14. Identity policy metrics

Notes:

Policies for the identity / credential system.
Risk Management Profile

(Diagram on the slide combining: Access control risk management, Access policy metrics, Credential system risk management, Identity policy metrics.)

Figure 3-15. Risk management profile

Notes:

Combining policies and their values leads to building the risk management profile.
Assessing Security Risks

Risk assessment is the systematic consideration of:

• The business harm likely to result from a security failure, taking into account the potential consequences of a loss of confidentiality, integrity or availability of the information and other assets,
• The realistic likelihood of such a failure occurring in the light of prevailing threats and vulnerabilities, and the controls currently implemented.

Resulting management actions and priorities:
• Manage information security risks,
• Implement controls selected to protect against these risks,
• Repeat the risk assessment to cover different parts of the organization or individual information systems.

Figure 3-16. Assessing security risks

Notes:

What is a risk assessment? Managing risks.
IBM Embedded Security Subsystem

The IBM embedded security subsystem is a hardware implementation installed on a system motherboard for the purpose of performing the following functions:

• Provides hardware-based protection of critical security information.
• Handles passwords, encryption keys, and electronic credentials.
• Protects information and PCs from "sniffers," Trojan horses, and other invaders.
• Helps identify computer users involved in transactions.
• Helps establish that data transmissions are authentic, confidential, and intact.
• Protects electronic transmissions generated by applications such as Microsoft Outlook, Lotus Notes, Microsoft Internet Explorer and Netscape Navigator.

Figure 3-17. IBM embedded Security Subsystem

Notes:

The IBM embedded Security Subsystem is a hardware subsystem that protects a computer.
Proximity Lockout Badge

Proximity badge for access control:
• Enhanced security features for secure mobile computing.
• Uses wireless technology: Infrared, ISM radio, Bluetooth.

Figure 3-18. Proximity lockout badge

Notes:

The proximity lockout badge locks your computer when you are away. It is ideal for open spaces and during meetings with external participants.
Biometry Technologies

• D.N.A. biometry (human unique id)
• Finger biometry
• Hand Geometry biometry
• Iris / Retina biometry
• Face biometry
• Voice and Conversational biometry
• Lips Movement biometry
• Signature biometry
• Vein biometry
• Heartbeat biometry
• Ear biometry
• Smell biometry
• Keystroke biometry
• Gait biometry

(Illustration on the slide: Wireless PDA with Biometric Scanner)

Figure 3-19. Biometry technologies

Notes:

Here is the list of the biometry technologies known today, and one example.
Biometry Categories

The biometrics are mainly divided into two categories:

Category        Characteristics         Technologies
Physiological   Unique and permanent    Fingerprints; Hand geometry; Retinal & iris scanning; Facial recognition; DNA
Behavioral      Unique but variable     Voice patterns; Signature verification; Keystroke patterns; Gait

Physiological biometrics exploit a unique human physiological characteristic; behavioral biometrics, on the other hand, are based on a pattern of human behavior that distinguishes an individual.

However, biometric technologies can also be categorized as Chemical (DNA matching), Visual (Fingerprint, Face, Retina, Iris, Ear), Olfactory (Smell), Visual/Spatial (Hand geometry), Visual/Behavioral (Signature verification) and Auditory (Voice biometrics).

Because a biometric property is an intrinsic property of an individual, it is difficult to surreptitiously duplicate and nearly impossible to share. Additionally, a biometric property of an individual can be lost only in case of serious accident.

Figure 3-20. Biometry categories

Notes:

There are two categories of biometry technologies: physiological and behavioral.
Summary

• Enterprise systems evolution
• Enterprise structure data
• Enterprise business data
• Access control data
• Data related to individuals
• Access control risk management
• Access policy metrics
• Information flow risk management
• Flow policy metrics
• Credential system risk management
• Identity policy metrics
• Risk management profile
• Assessing security risks
• IBM embedded Security Subsystem
• Proximity lockout badge
• Biometry technologies
• Biometry categories

Figure 3-21. Summary

Notes:

What this unit has covered.
Unit 4. The value of objects for the enterprise

What This Unit Is About

This unit focuses on the definition of the problem scope. For this purpose, it defines the different concepts to be used.

The main topic of this unit is to explain to the audience that security should not be considered as an aggregation of techniques, but as a whole functional requirement of an information system.

What You Should Be Able to Do

After completing this unit, you should be able to:
• Build the security scale specific to your enterprise.
• Explain the reasons for the cost of a security policy implementation within a wireless network.
Welcome to:

WL19
Wireless End to End Security

Figure 4-1. WL19

Notes:

WL19 unit 4 introduces the value of the objects for the enterprise. It shows why security must be considered as a whole.
Objectives

After completing this unit, you should be able to:
• Build the security scale specific to your enterprise.
• Explain the reasons for the cost of a security policy implementation within a wireless network.

Figure 4-2. Objectives

Notes:
Contents

• Security management standard
• Security management is global
• Security Policy
• Organizational security
• Asset classification and control
• Personnel security
• Physical and environmental security
• Communications and Operations Management
• Access control
• Systems development and maintenance
• Business continuity management
• Compliance
• What is information security?

Figure 4-3. Contents

Notes:

This slide is a list corresponding to the next slides that cover the objectives of this unit.
Security Management Standard

ISO 17799.

This standard is called "Code of practice for information security management".

It develops in 10 chapters the essential elements which need to be considered in managing the security of an enterprise. These chapters are summarized hereafter, but first, let's have a look at the consequences of an incomplete security management.

It is essential that security management as a whole be assessed globally. Any weakness in one domain impacts the whole security.

Figure 4-4. Security management standard

Notes:

The ISO 17799 standard is called "Code of practice for information security management".
Security Management Is Global (1/2)

Code of practice for information security management: ISO 17799

1. Security policy
2. Organizational security
3. Asset classification and control
4. Personnel security
5. Physical and environmental security

Figure 4-5. Security management is global (1/2)

Notes:

Here are the first five topics covered by the ISO 17799 standard.
Security Management Is Global (2/2)

ISO 17799

6. Communications and operations management
7. Access control
8. Systems development and maintenance
9. Business continuity management
10. Compliance

Figure 4-6. Security management is global (2/2)

Notes:

Here are the remaining topics covered by the ISO 17799 standard.
Security Policy

Information security policy
To provide management direction and support for information security.

Information security policy document
A policy document should be approved by management, published and communicated, as appropriate, to all employees.

Review and evaluation
The policy should have an owner who is responsible for its maintenance and review according to a defined review process.

Figure 4-7. Security Policy

Notes:

Security Policy is the first domain addressed by the ISO 17799 standard.
Organizational Security

Information security infrastructure
To manage information security within the organization.

Security of third party access
To maintain the security of organizational information processing facilities and information assets accessed by third parties.

Outsourcing
To maintain the security of information when the responsibility for information processing has been outsourced to another organization.

Figure 4-8. Organizational security

Notes:

Organizational security is the second domain addressed by the ISO 17799 standard.
Asset Classification and Control

Accountability for assets
• To maintain appropriate protection of organizational assets.

Information classification
• To ensure that information assets receive an appropriate level of protection.

Information should be classified to indicate the need, priorities and degree of protection.

Figure 4-9. Asset classification and control

Notes:

Asset classification and control is the third domain addressed by the ISO 17799 standard.
Personnel Security

Security in job definition and resourcing
• To reduce the risks of human error, theft, fraud or misuse of facilities.

User training
• To ensure that users are aware of information security threats and concerns, and are equipped to support organizational security policy in the course of their normal work.

Responding to security incidents and malfunctions
• To minimize the damage from security incidents and malfunctions, and to monitor and learn from such incidents.

Figure 4-10. Personnel security

Notes:

Personnel security is the fourth domain addressed by the ISO 17799 standard.
Physical and Environmental Security

Secure areas
• To prevent unauthorized access, damage and interference to business premises and information.

Equipment security
• To prevent loss, damage or compromise of assets and interruption to business activities.

General controls
• To prevent compromise or theft of information and information processing facilities.

Figure 4-11. Physical and environmental security

Notes:

Physical and environmental security is the fifth domain addressed by the ISO 17799 standard.
Communications and Operations Management

Operational procedures and responsibilities
• To ensure the correct and secure operation of information processing facilities.

System planning and acceptance
• To minimize the risk of systems failures.

Protection against malicious software
• To protect the integrity of software and information.

Housekeeping
• To maintain the integrity and availability of information processing and communication services.

Network management
• To ensure the safeguarding of information in networks and the protection of the supporting infrastructure.

Media handling and security
• To prevent damage to assets and interruptions to business activities.

Exchanges of information and software
• To prevent loss, modification or misuse of information exchanged between organizations.

Figure 4-12. Communications and Operations Management

Notes:

Communications and Operations Management is the sixth domain addressed by the ISO 17799 standard.
Access Control

Business requirement for access control
• To control access to information.

User access management
• To prevent unauthorized access to information systems.

User responsibilities
• To prevent unauthorized user access.

Network access control
• Protection of networked services.

Operating system access control
• To prevent unauthorized computer access.

Application access control
• To prevent unauthorized access to information held in information systems.

Monitoring system access and use
• To detect unauthorized activities.

Mobile computing and teleworking
• To ensure information security when using mobile computing and teleworking facilities.

Figure 4-13. Access control

Notes:

Access control is the seventh domain addressed by the ISO 17799 standard.
Systems Development and Maintenance

Security requirements of systems
• To ensure that security is built into information systems.

Security in application systems
• To prevent loss, modification or misuse of user data in application systems.

Cryptographic controls
• To protect the confidentiality, authenticity or integrity of information.

Security of system files
• To ensure that IT projects and support activities are conducted in a secure manner.

Security in development and support processes
• To maintain the security of application system software and information.

Figure 4-14. Systems development and maintenance

Notes:

Systems development and maintenance is the eighth domain addressed by the ISO 17799 standard.
Business Continuity Management

Aspects of business continuity management

To counteract interruptions to business activities and to protect critical business processes from the effects of major failures or disasters.

• Business continuity management process.
• Business continuity and impact analysis.
• Writing and implementing continuity plans.
• Business continuity planning framework.
• Testing, maintaining and re-assessing business continuity plans.

Figure 4-15. Business continuity management

Notes:

Business continuity management is the ninth domain addressed by the ISO 17799 standard.
Compliance

Compliance with legal requirements
• To avoid breaches of any criminal and civil law, statutory, regulatory or contractual.

Reviews of security policy and technical compliance
• To ensure compliance of systems with organizational security policies and standards.

System audit considerations
• To maximize the effectiveness of and to minimize interference to/from the system audit process.

Figure 4-16. Compliance

Notes:

Compliance is the last domain addressed by the ISO 17799 standard.
What Is Information Security?

Information is an asset which, like other important business assets, has value to an organization and consequently needs to be suitably protected. Information security protects information from a wide range of threats in order to ensure business continuity, minimize business damage and maximize return on investments and business opportunities.

• Confidentiality.
• Integrity.
• Availability.

Information security is achieved by implementing a suitable set of controls, which could be policies, practices, procedures, organizational structures and software functions.

Figure 4-17. What is information security?

Notes:

This concludes the study of the ISO 17799.
Summary

The value of objects for the enterprise:
• Security management standard
• Security management is global
• Security Policy
• Organizational security
• Asset classification and control
• Personnel security
• Physical and environmental security
• Communications and Operations Management
• Access control
• Systems development and maintenance
• Business continuity management
• Compliance
• What is information security?

Figure 4-18. Summary

Notes:

What this unit has covered.
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Unit 5. The control zone definition 


What This Unit Is About 


Define where the enterprise frontiers are located. 


What You Should Be Able to Do 


After completing this unit, you should be able to: 
¢ Understand the concept of the control zones. 


¢ Overcome the difficulties dues to the wireless world because it is a 
world where control zones are not related to traditional physical 


boundaries. 





© Copyright IBM Corp. 2003 Unit 5. The control zone definition 


Course materials may not be reproduced in whole or in part 
without the prior written permission of IBM. 


5-1 


Student Notebook 





Welcome to: 

WL19 
Wireless End to End Security 

Unit 5: The control zone definition 











Figure 5-1. WL19 


Notes: 


WL19 unit 5 introduces the concept of the control zones. 


The control zones are environments that can be isolated to be addressed separately. 
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Objectives 




After completing this unit, you should be able to: 
• Understand the concept of the control zones. 
• Overcome the difficulties due to the wireless world 
because it is a world where control zones are not 
related to traditional physical boundaries. 








Figure 5-2. Objectives WL191.0 
Notes: 
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Contents 


Traditional system control zones 

Server / users control zones 

Wireless control zones 

Enterprise physical control zones 
Enterprise knowledge control zones 
Internal knowledge control zones 

Control zones extended to subcontractors 
Control zones extended to customers 
Control zones extended to partners 
Control zones extended to providers 





Figure 5-3. Contents WL191.0 


Notes: 


This slide is a list corresponding to the next slides that cover the objectives of this unit. 
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Traditional System Control Zones 
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Remote location. 


Figure 5-4. Traditional system control zones 


WL191.0 
Notes: 


Before looking at the control zones of a complex environment, let's have a look at the control 
zones of a traditional system. 
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Server / Users Control Zones 








[Figure labels: Mobile; Each server has its own control zones] 





Figure 5-5. Server / users control zones WL191.0 


Notes: 


Actually, the control zones that we define are only those which depend on the enterprise. 
The public domain does not represent a control zone that we consider. We do not control 
anything there. 
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Wireless Control Zones 










Figure 5-6. Wireless control zones WL191.0 


Notes: 


With wireless connectivity, a wireless control zone must extend up to the limit beyond which it 
becomes impossible to capture any data. This zone is difficult to determine. 
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Enterprise Physical Control Zones 
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Figure 5-7. Enterprise physical control zones WL191.0 


Notes: 


We must make the difference between the physical domain and the knowledge domain. 
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Enterprise Knowledge Control Zones 





[Figure labels: Data / Application servers; Internal people: Management and employees] 








Figure 5-8. Enterprise knowledge control zones WL191.0 


Notes: 


Here are some examples of contributors. 
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Internal Knowledge Control Zones 





[Figure labels: Data / Application servers; Internal people: Management and employees] 








Figure 5-9. Internal knowledge control zones WL191.0 


Notes: 


Internal knowledge control zones are similar to the physical control zone of the enterprise. 
They involve the employees within their work area, which may be mobile. 
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Control Zones Extended to Subcontractors 





[Figure labels: Data / Application servers; Internal people: Management and employees] 








Figure 5-10. Control zones extended to subcontractors WL191.0 


Notes: 


We still consider the enterprise staffing, but we add the subcontractors. 
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Control Zones Extended to Customers 





[Figure labels: Data / Application servers; Internal people: Management and employees] 








Figure 5-11. Control zones extended to customers WL191.0 


Notes: 


The problem is not so critical if we replace the subcontractor by the customer. We must be 
careful anyway with this external staffing. In all cases, we must consider all of the 
customers as part of the same control zone. 
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Control Zones Extended to Partners 





[Figure labels: Data / Application servers; Internal people: Management and employees] 





Figure 5-12. Control zones extended to partners WL191.0 


Notes: 


Partners generally don't have access to enterprise data, but their frequent contacts with the 
employees in the domain of their competence may lead to treating them as regular 
employees. 
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Control Zones Extended to Providers 





[Figure labels: Data / Application servers; Internal people: Management and employees] 





Figure 5-13. Control zones extended to providers WL191.0 


Notes: 


Providers are required to deliver either prototype or production parts. In order to 
reduce costs, production figures are given to them. Those figures must be sized in such a 
way that they don't provide a reliable image of the enterprise business plans. 
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Summary 


Traditional system control zones 

Server / users control zones 

Wireless control zones 

Enterprise physical control zones 
Enterprise knowledge control zones 
Internal knowledge control zones 

Control zones extended to subcontractors 
Control zones extended to customers 
Control zones extended to partners 
Control zones extended to providers 





Figure 5-14. Summary WL191.0 


Notes: 


What this unit has covered. 
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Unit 6. The security policy definition 


What This Unit Is About 


The security policy definition will explain which characteristics of all the 
systems should be considered when establishing a global security 
policy. 


What You Should Be Able to Do 


After completing this unit, you should be able to: 


¢ Create the security policies that will fulfil the enterprise security 
requirements 
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Welcome to: 





WL19 
Wireless End to End Security 











Figure 6-1. WL19 WL191.0 


Notes: 


WL19 unit 6 introduces the policies created as part of the Risk Assessment. 
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Objectives 




After completing this unit, you should be able to: 


• Create the security policies that will fulfill the enterprise 
security requirements 








Figure 6-2. Objectives WL191.0 
Notes: 
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Contents 
• Enterprise Security Requirements 
• Risk Management Process 
• Security management conditions 
• Security evaluation criteria 
• Common criteria requirements 
• Common Criteria Documentation 
• Designing a secure solution 
• Common criteria simplified model 
• Security audit subsystem 
• Access control subsystem 
• Flow control subsystem 
• Identity or credential subsystem 
• Solution integrity subsystem 
• Creating subsystem policies 
• Audit subsystem policies 
• Access subsystem policies 
• Flow control subsystem policies 
• Solution integrity subsystem policies 
• Ready for security policy deployment 





Figure 6-3. Contents WL191.0 


Notes: 


This slide is a list corresponding to the next slides that cover the objectives of this unit. 
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Enterprise Security Requirements 


Security objectives 


• Protect information stored and in transit 
• Ensure accountability through trusted identity 
• Ensure correct and reliable operation 
• Limit access to information based upon policy 
• Limit access to systems and processes based upon policy 
• Defend against attacks 
• Defend against fraud 





Figure 6-4. Enterprise Security Requirements WL191.0 


Notes: 


Traditionally, security requirements have been expressed by referencing the security 
services within the OSI model: authentication, access control, data confidentiality, data 
integrity and non-repudiation. 
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Risk Management Process 















[Figure labels: Risk Analysis; Security Policies; Implementation; Administration] 

Risk acceptance .... 

• Is a Cost decision: the amount of investment required to lower the risk. 
• Is a « Pain » decision: the ability to deal with on-going security incidents. 
• Is a Visibility decision: the potential impact to Corporate reputation. 
But... 
• Must not be a « surprise » decision: Accepting risk without knowing it. 








Figure 6-5. Risk Management Process WL191.0 


Notes: 


The risk management process is a permanent loop. 
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Security Management Conditions 


Expectations from today’s security architect: 


• Need to meet high expectations and service levels, 
• Use a limited set of tools and techniques, 
• Have low visibility of the electronic activities within the 
operational environment. 

In addition, security architects have the challenge of 
timely recognition and response to events and peril. 





Figure 6-6. Security management conditions WL191.0 


Notes: 


Among other obligations, security architects have the challenge of timely recognition and 
response to events and peril. 
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Security Evaluation Criteria 


Agencies and standards have developed 
IT evaluation criteria. 


• TCSEC in the USA: « Trusted Computer System Security Evaluation 
Criteria ». 
• ITSEC in Europe: « Information Technology Security Evaluation 
Criteria ». 
• CTCPEC in Canada: « Canadian Trusted Computer Product Evaluation 
Criteria ». 
• CC is a combination of those documents, done in 1996: « Common 
Criteria ». 
  > This document was approved by ISO in 1999 « International 
  Organization for Standardization ». 

This initiative opens the way to worldwide mutual recognition of 
product evaluation results. 





Figure 6-7. Security evaluation criteria WL191.0 


Notes: 


The history of the "common criteria" started with several similar standards in different 
countries. 
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Common Criteria Requirements 


Common Criteria provide a taxonomy for evaluating 
security functionality through a set of functional and 
assurance requirements. 


They include 11 functional classes of requirements: 


• Security audit, 
• Communication, 
• Cryptographic support, 
• User data protection, 
• Identification and authentication, 
• Management of security functions, 
• Privacy, 
• Protection of security functions, 
• Resource utilization, 
• Component access, 
• Trusted path or channel. 








Figure 6-8. Common criteria requirements WL191.0 


Notes: 


Common Criteria provide a taxonomy for evaluating security functionality through a set of 
functional and assurance requirements. 
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Common Criteria Documentation 
Part 1: 


Introduction and general model, is the introduction to the CC. It defines general 
concepts and principles of IT security evaluation and presents a general model of 
evaluation. Part 1 also presents constructs for expressing IT security objectives, for 
selecting and defining IT security requirements, and for writing high-level 
specifications for products and systems. In addition, the usefulness of each part of 
the CC is described in terms of each of the target audiences. 


Part 2: 


Security functional requirements, establishes a set of security functional 
components as a standard way of expressing the security functional requirements 
for Targets of Evaluation (TOEs). Part 2 catalogues the set of functional 
components, families, and classes. 


Part 3: 


Security assurance requirements, establishes a set of assurance components as a 
standard way of expressing the assurance requirements for TOEs. Part 3 
catalogues the set of assurance components, families, and classes. Part 3 also 
defines evaluation criteria for Protection Profiles (PPs) and Security Targets (STs) 
and presents evaluation assurance levels that define the predefined CC scale for 
rating assurance for TOEs, which is called the Evaluation Assurance Levels (EALs). 





Figure 6-9. Common Criteria Documentation WL191.0 


Notes: 


This introduces the three parts of the common criteria document. 
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Designing a Secure Solution 


To develop an extensible method for 
designing secure solutions: 


• Build a system model that is representative of the 
functional aspects of security within the complex solution. 
• Create a systematic approach for creating security 
architectures based on the Common Criteria requirements 
taxonomy and the corresponding security system model. 





Figure 6-10. Designing a secure solution WL191.0 


Notes: 


To develop an extensible method for designing secure solutions. 
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Common Criteria Simplified Model 





To adapt the Common criteria to the objective of building 
a security architecture, requirements can be aggregated 
in security themes: 

Functional category    | Common Criteria functional class 
-----------------------|------------------------------------------------------------------ 
Security audit         | Audit, component protection, resource utilization 
Access control         | Data protection, component protection, security management, 
                       | component access, cryptographic support, identification and 
                       | authentication, communication, trusted path/channel 
Flow control           | Communication, cryptographic support, data protection, component 
                       | protection, trusted path/channel, privacy 
Identity / credentials | Cryptographic support, data protection, component protection, 
                       | identification and authentication, component access, security 
                       | management, trusted path/channel 
Solution integrity     | Cryptographic support, data protection, component protection, 
                       | resource utilization, security management 








Figure 6-11. Common criteria simplified model WL191.0 


Notes: 


A simplified model is obtained by grouping the requirements per functional categories. 
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Security Audit Subsystem 


A security audit subsystem is responsible for 
capturing, analyzing, reporting, archiving, and 
retrieving records of events and conditions 
within a computing solution. 


• Collection of security audit data, including capture of the appropriate 
data, trusted transfer of audit data, and synchronization of chronologies. 
• Protection of security audit data, including use of time stamps, signing 
events, and storage integrity to prevent loss of data. 
• Analysis of security audit data, including review, anomaly detection, 
violation analysis, and attack analysis using simple heuristics or 
complex heuristics. 
• Alarms for loss thresholds, warning conditions, and critical events. 





Figure 6-12. Security audit subsystem WL191.0 


Notes: 


A security audit subsystem is responsible for capturing, analyzing, reporting, archiving, and 
retrieving records of events and conditions within a computing solution. 
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Access Control Subsystem 


From Common Criteria, the functional 
requirements for an access control 
subsystem should include: 

• Access control enablement 
• Access control monitoring and enforcement 
• Identification and authentication mechanisms, including verification of 
secrets, cryptography (encryption and signing), and single- versus 
multiple-use authentication mechanisms 
• Authorization mechanisms, to include attributes, privileges, and 
permissions 
• Access control mechanisms, to include attribute-based access control 
on subjects and objects and user-subject binding 
• Enforcement mechanisms, including failure handling, bypass 
prevention, banners, timing and timeout, event capture, and decision 
and logging components 





Figure 6-13. Access control subsystem WL191.0 


Notes: 


The purpose of an access control subsystem in an IT solution is to enforce security policies 
by gating access to, and execution of, processes and services within a computing solution 
via identification, authentication, and authorization processes, along with security 
mechanisms that use credentials and attributes. 
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Flow Control Subsystem 


From Common Criteria, the functional 
requirements for an information flow 
subsystem should include: 

• Flow permission or prevention 
• Flow monitoring and enforcement 
• Transfer services and environments: open or trusted channel, open or 
trusted path, media conversions, manual transfer, import to or export 
between domains 
• Mechanisms observability: to block cryptography (encryption) 
• Storage mechanisms: cryptography and hardware security modules 
• Enforcement mechanisms: asset and attribute binding, event capture, 
decision and logging components, stored data monitoring, rollback, 
residual information protection and destruction 





Figure 6-14. Flow control subsystem WL191.0 


Notes: 


The purpose of an information flow control subsystem in an IT solution is to enforce 
security policies by gating the flow of information within a computing solution, affecting the 
visibility of information within a computing solution, and ensuring the integrity of information 
flowing within a computing solution. 
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Identity or Credential Subsystem 


From Common Criteria, the functional 
requirements for a credential subsystem 
should include: 

• Single-use versus multiple-use mechanisms, either cryptographic or 
non-cryptographic 
• Generation and verification of secrets 
• Identities and credentials to be used to protect security flows or 
business process flows 
• Identities and credentials to be used in protection of assets: integrity 
or non-observability 
• Identities and credentials to be used in access control: identification, 
authentication, and access control for the purpose of user-subject 
binding 
• Credentials to be used for purposes of identity in legally binding 
transactions 
• Timing and duration of identification and authentication 
• Life cycle of credentials 
• Anonymity and pseudonymity mechanisms 





Figure 6-15. Identity or credential subsystem WL191.0 


Notes: 


This subsystem refers to people, their identity and their credibility in the enterprise. 










Solution Integrity Subsystem 


From Common Criteria, the focus of a 
solution integrity subsystem should 
include: 

• Integrity and reliability of resources 
• Physical protections for data objects, such as cryptographic keys, 
and physical components, such as cabling, hardware, etc. 
• Continued operations including fault tolerance, failure recovery, and 
self-testing 
• Storage mechanisms: cryptography and hardware security modules 
• Accurate time source for time measurement and time stamps 
• Prioritization of service via resource allocation or quotas 
• Functional isolation using domain separation or a reference monitor 
• Alarms and actions when physical or passive attack is detected 





Figure 6-16. Solution integrity subsystem WL191.0 


Notes: 


The purpose of the solution integrity subsystem in an IT solution is to address the 
requirement for reliable and correct operation of a computing solution in support of meeting 
the legal and technical standard for its processes. 
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Creating Subsystem Policies 


Each security theme regrouping requirements 
must have corresponding subsystem policies 
and metrics: 

Security theme         | Subsystem policy | Metrics 
-----------------------|------------------|------------------ 
Security audit         | Audit policy     | Audit metrics 
Access control         | Access policy    | Access metrics 
Identity / credentials | Identity policy  | Identity metrics 
Solution integrity     | Integrity policy | Integrity metrics 

The metrics are combined into the Risk profile. 


Figure 6-17. Creating subsystem policies WL191.0 














Notes: 


In the previous slides we have made the inventory of all risks associated with the five 
subsystems. 

We may have added one subsystem to cover a particular risk of the enterprise, for instance 
a military installation, a hospital, etc. 


Now we are going to create associated subsystem policies. 
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Audit Subsystem Policies 


The following policies match the audit 
subsystem requirements: 


• Method of collecting security audit data: capture, trust, chronology. 
• Method of protection of security audit data: time stamps, signing events, 
storage integrity. 
• Method of analysis of security audit data: review, anomaly detection, 
violation analysis, attack analysis. 
• Method of alarm triggering and detection: loss thresholds, warning 
conditions, critical events. 


Note: This list must be used as a basis to build the list appropriate to 
the particular situation. 





Figure 6-18. Audit subsystem policies WL191.0 


Notes: 


The policies listed here match the audit subsystem requirements that we have built earlier. 
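The four audit policy areas on this slide and the audit subsystem requirements of Figure 6-12 (collection, protection, analysis, alarms), as an added Python example that is not part of the course materials; the record format, the signing key, the failed-login threshold and the sample events are constructed for the demonstration:

```python
"""Audit subsystem sketch: collection, protection, analysis and alarms.

Added example, not from the WL19 course materials. The record format,
the HMAC signing key, the threshold and the sample events are constructed.
"""
import hashlib
import hmac
import json
from collections import Counter

# Constructed signing key. A real deployment would hold this in an HSM or
# key store (the "storage mechanisms" item of the solution integrity slide).
SIGNING_KEY = b"constructed-demo-key-do-not-use"

FAILED_LOGIN_THRESHOLD = 3  # assumption: simple heuristic for violation analysis


def sign_event(prev_digest: str, event: dict) -> dict:
    """Protection: chain the time-stamped event to its predecessor and sign it.

    The chain digest covers the previous digest, so deleting, reordering or
    editing a record breaks verification of that record and every later one
    (storage integrity); the HMAC binds the chain to the signing key.
    """
    body = json.dumps(event, sort_keys=True, separators=(",", ":"))
    chain = hashlib.sha256((prev_digest + body).encode()).hexdigest()
    sig = hmac.new(SIGNING_KEY, chain.encode(), hashlib.sha256).hexdigest()
    return {"event": event, "chain": chain, "sig": sig}


def collect(events: list) -> list:
    """Collection: turn raw events (each with 'ts', 'type', 'user') into a trail."""
    trail, prev = [], "0" * 64
    for ev in events:
        rec = sign_event(prev, ev)
        trail.append(rec)
        prev = rec["chain"]
    return trail


def verify(trail: list) -> tuple:
    """Protection check: (ok, index of first bad record or -1)."""
    prev = "0" * 64
    for i, rec in enumerate(trail):
        expected = sign_event(prev, rec["event"])
        if rec["chain"] != expected["chain"] or not hmac.compare_digest(
            rec["sig"], expected["sig"]
        ):
            return False, i
        prev = rec["chain"]
    return True, -1


def analyse(trail: list) -> list:
    """Analysis and alarms: simple heuristics over the trail.

    Alarm prefixes follow the slide's categories: 'loss' for storage
    integrity, 'critical' for violations, 'warning' for chronology anomalies.
    """
    alarms = []
    ok, bad = verify(trail)
    if not ok:
        alarms.append(f"loss: audit trail integrity broken at record {bad}")
    failures = Counter(
        r["event"]["user"] for r in trail if r["event"]["type"] == "login_failed"
    )
    for user, n in failures.items():
        if n >= FAILED_LOGIN_THRESHOLD:
            alarms.append(f"critical: {n} failed logins for {user}")
    # Chronology: time stamps (ISO 8601 strings) must not go backwards.
    for a, b in zip(trail, trail[1:]):
        if b["event"]["ts"] < a["event"]["ts"]:
            alarms.append(f"warning: out-of-order time stamp at {b['event']['ts']}")
    return alarms


# Constructed sample events.
SAMPLE_EVENTS = [
    {"ts": "2003-05-01T08:00:01Z", "type": "login_ok", "user": "alice"},
    {"ts": "2003-05-01T08:02:10Z", "type": "login_failed", "user": "bob"},
    {"ts": "2003-05-01T08:02:15Z", "type": "login_failed", "user": "bob"},
    {"ts": "2003-05-01T08:02:21Z", "type": "login_failed", "user": "bob"},
    {"ts": "2003-05-01T08:05:00Z", "type": "login_ok", "user": "carol"},
]


def demo() -> tuple:
    """Return (alarms on the clean trail, alarms after tampering with record 1)."""
    trail = collect(SAMPLE_EVENTS)
    clean = analyse(trail)
    tampered = [dict(r, event=dict(r["event"])) for r in trail]
    tampered[1]["event"]["user"] = "mallory"  # edit a stored record in place
    return clean, analyse(tampered)


if __name__ == "__main__":
    clean_alarms, tampered_alarms = demo()
    print("\n".join(clean_alarms + tampered_alarms))
```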
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Access Subsystem Policies 


The following policies match the access 
subsystem requirements: 


• Method of enabling access. 
• Method of monitoring and enforcement. 
• Method of identification and authentication. 
• Method of authorization: attributes, privileges, permissions. 
• Method of access control. 
• Method of enforcement: failure handling, bypass prevention, banners, 
timing and timeout, event capture. 


Note: This list must be used as a basis to build the list appropriate to 
the particular situation. 





Figure 6-19. Access subsystem policies WL191.0 


Notes: 


The policies listed here match the access subsystem requirements that we have built 
earlier. 
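The six access policy areas on this slide and the access control subsystem requirements of Figure 6-13 (enablement, monitoring, identification and authentication, authorization, attribute-based access control with user-subject binding, enforcement with failure handling and timeout), as an added Python example that is not part of the course materials; the accounts, secrets, object attributes, MAX_FAILURES and SESSION_TIMEOUT are constructed assumptions:

```python
"""Access control subsystem sketch covering the six access policy areas.

Added example, not from the WL19 course materials. Accounts, secrets,
object attributes and the lockout / timeout values are constructed.
"""
import hashlib
import hmac
import os
import secrets
from dataclasses import dataclass, field
from typing import Optional

MAX_FAILURES = 3       # assumption: failure handling threshold before lockout
SESSION_TIMEOUT = 600  # assumption: seconds of inactivity before re-authentication


def hash_secret(secret: str, salt: bytes) -> bytes:
    """Verification of secrets: store a salted PBKDF2 hash, never the secret."""
    return hashlib.pbkdf2_hmac("sha256", secret.encode(), salt, 100_000)


@dataclass
class Account:
    name: str
    salt: bytes
    digest: bytes
    attributes: dict  # e.g. {"role": "operator", "zone": "internal"}
    failures: int = 0
    locked: bool = False


@dataclass
class Subject:
    """User-subject binding: the authenticated principal plus session state."""
    user: str
    attributes: dict
    token: str
    last_seen: float


@dataclass
class AccessControl:
    accounts: dict
    now: float = 0.0  # injected clock so the example is deterministic
    sessions: dict = field(default_factory=dict)
    decisions: list = field(default_factory=list)  # decision and logging component

    def enable(self, name: str, secret: str, attributes: dict) -> None:
        """Access control enablement: controlled registration of an account."""
        salt = os.urandom(16)
        self.accounts[name] = Account(name, salt, hash_secret(secret, salt), attributes)

    def authenticate(self, name: str, secret: str) -> Optional[Subject]:
        """Identification and authentication with failure handling (lockout)."""
        acct = self.accounts.get(name)
        if acct is None or acct.locked:
            self._log("auth", name, None, "deny", "unknown or locked")
            return None
        if not hmac.compare_digest(acct.digest, hash_secret(secret, acct.salt)):
            acct.failures += 1
            if acct.failures >= MAX_FAILURES:
                acct.locked = True  # failure handling: lock after repeated failures
            self._log("auth", name, None, "deny", f"bad secret ({acct.failures})")
            return None
        acct.failures = 0
        subj = Subject(name, dict(acct.attributes), secrets.token_hex(16), self.now)
        self.sessions[subj.token] = subj
        self._log("auth", name, None, "allow", "authenticated")
        return subj

    def authorize(self, token: str, obj: dict, action: str) -> bool:
        """Attribute-based access control on subject and object, with timeout."""
        subj = self.sessions.get(token)
        if subj is None:  # bypass prevention: no bound session, no access
            self._log(action, "?", obj["id"], "deny", "no valid session")
            return False
        if self.now - subj.last_seen > SESSION_TIMEOUT:  # timing and timeout
            del self.sessions[token]
            self._log(action, subj.user, obj["id"], "deny", "session expired")
            return False
        subj.last_seen = self.now
        allowed = subj.attributes["zone"] == obj["zone"] and action in obj[
            "permissions"].get(subj.attributes["role"], ())
        self._log(action, subj.user, obj["id"], "allow" if allowed else "deny", "abac")
        return allowed

    def _log(self, action, user, obj_id, decision, reason) -> None:
        """Event capture: every decision is recorded for the audit subsystem."""
        self.decisions.append({"t": self.now, "action": action, "user": user,
                               "object": obj_id, "decision": decision, "reason": reason})


def demo() -> list:
    """Walk through allow, role denial, session timeout and lockout."""
    ac = AccessControl(accounts={})
    ac.enable("alice", "correct horse", {"role": "operator", "zone": "internal"})
    report = {"id": "report-42", "zone": "internal",
              "permissions": {"operator": ("read",), "admin": ("read", "write")}}
    s = ac.authenticate("alice", "correct horse")
    ac.authorize(s.token, report, "read")   # allow
    ac.authorize(s.token, report, "write")  # deny: operator role lacks write
    ac.now = SESSION_TIMEOUT + 1
    ac.authorize(s.token, report, "read")   # deny: session expired
    for _ in range(MAX_FAILURES):
        ac.authenticate("alice", "wrong")   # third failure locks the account
    ac.authenticate("alice", "correct horse")  # deny: account locked
    return ac.decisions
```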
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Flow Control Subsystem Policies 


The following policies match the flow control 
subsystem requirements: 


• Method of allowing or preventing an information flow. 
• Method of monitoring and enforcement. 
• Method of performing transfer services and controlling environments. 
• Method of blocking cryptography (encryption). 
• Method of securing storage. 
• Method of enforcement. 


Note: This list must be used as a basis to build the list appropriate 
to the particular situation. 





Figure 6-20. Flow control subsystem policies WL191.0 


Notes: 


The policies listed here match the flow control subsystem requirements that we have built 
earlier. 
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Solution Integrity Subsystem Policies 


The following policies match the solution 
integrity subsystem requirements (non- 
exhaustive): 


• Method of checking integrity and reliability of resources. 
• Method of physical protections for data objects and physical 
components. 
• Method of ensuring continued operations: fault tolerance, failure 
recovery, self-testing. 
• Method of protecting storage. 
• Method of providing accurate time source. 
• Method of prioritizing service. 
• Method of achieving functional isolation. 
• Method of triggering alarms and actions against physical or passive 
attack. 





Figure 6-21. Solution integrity subsystem policies WL191.0 


Notes: 


The policies listed here match the solution integrity subsystem requirements that we have 
built earlier. 
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Ready for Security Policy Deployment 


[Figure labels: Audit metrics; Access metrics; Identity metrics; Integrity metrics; Risk management profile; Business justification] 





Figure 6-22. Ready for security policy deployment WL191.0 


Notes: 


We have now determined the risks, created the associated policies and estimated their 
importance. 


We are ready to go into their implementation. 
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Summary 
• Enterprise Security Requirements 
• Risk Management Process 
• Security management conditions 
• Security evaluation criteria 
• Common criteria requirements 
• Common Criteria Documentation 
• Designing a secure solution 
• Common criteria simplified model 
• Security audit subsystem 
• Access control subsystem 
• Flow control subsystem 
• Identity or credential subsystem 
• Solution integrity subsystem 
• Creating subsystem policies 
• Audit subsystem policies 
• Access subsystem policies 
• Flow control subsystem policies 
• Solution integrity subsystem policies 
• Ready for security policy deployment 





Figure 6-23. Summary WL191.0 


Notes: 


What this unit has covered. 
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Unit 7. The security policy deployment 


What This Unit Is About 


This unit explains how to seamlessly integrate security policies into the 
enterprise processes. 


What You Should Be Able to Do 


After completing this unit, you should be able to: 


¢ Establish the cost, schedule, and business justifications for 
deployment of the security policies. 
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Welcome to: 





WL19 
Wireless End to End Security 

Unit 7: The security policy deployment 








Figure 7-1. WL19 WL191.0 


Notes: 


WL19 unit 6 has prepared the list of policies in the various domains and sized their value. 
Unit 7 now carries out the work by establishing and documenting the cost, the timing and 
the business justification. 
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Objectives 
After completing this unit, you should be able to: 


° Establish the cost, schedule, and business justifications 
for deployment of the security policies. 








Figure 7-2. Objectives WL191.0 
Notes: 
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Contents 


• Risk Management integration cost 
• Company security domains 
• Common criteria requirements 
• Value estimate 
• Audit subsystem policy values 
• Access control subsystem policy values 
• Other subsystems policy values 
• User variants 
• Device variants 
• Output documents 
• Risk Management document 
• Business justification document 





Figure 7-3. Contents 


Notes: 


WL191.0 


This slide is a list corresponding to the next slides that cover the objectives of this unit. 
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Risk Management integration cost 









[Figure labels: Risk Analysis; Security Policies; Administration] 

Once the risk is identified and the policies determined ... 

• Establish the cost of the integration in the enterprise process. 
• Build a schedule for the implementation. 
• Create a business justification / eventually challenge the target trust 
level. 





Figure 7-4. Risk Management integration cost WL191.0 


Notes: 


After determining the policies, their implementation is the next step in the risk management 
loop. 
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Company security domains 


Information security is part of the complete enterprise security 
• Interactions with other company domains must be considered. 
• Each considered domain must be clearly identified as referred to in the 
enterprise process. 
• Estimation of policy implementation costs must be consistent with 
other estimations done by any other person in the other domains. 

[Figure labels: Interactions; Subcontractors; Datacenter; Mobile users] 








Figure 7-5. Company security domains WL191.0 


Notes: 


Information security is part of the complete enterprise security. 
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Common criteria requirements 


The Common criteria, aggregated in security themes, have been used 
to determine the Risk management profile. They are now used to 
determine the cost: 




Figure 7-6. Common criteria requirements WL191.0 











Notes: 


This slide recalls how we have established policies per subsystem, and how we now determine their cost. 
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Value estimate 


Each policy has to be evaluated to determine the importance of the 
associated risk. 





This will determine the importance of the corresponding protection. 




Figure 7-7. Value estimate WL191.0 





Notes: 


Each policy has to be evaluated to determine the importance of the associated risk. 
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Audit subsystem policy values 


Policy values estimated for the Audit subsystem. 
This will determine the importance of the corresponding protection. 


Audit policy element       | Low impact               | Critical                            | Blocking the business 
---------------------------|--------------------------|-------------------------------------|--------------------------------------- 
(element label illegible)  | Daily report by operator | Immediate analysis                  | High priority process to administrator 
(element label illegible)  | Operator notified        | Operator and administrator notified | High priority process to administrator 

(Two further rows, "... of security audit data", are not legible in the scan.) 








Figure 7-8. Audit subsystem policy values WL191.0 


Notes: 


Here is the example of a sizing, applied to the audit subsystem. 
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Access control subsystem policy values 


Policy values estimated for Access control. 
This will determine the importance of the corresponding protection. 


Audit policy element              | Low impact              | Critical                               | Blocking the business 
----------------------------------|-------------------------|----------------------------------------|------------------------------------------- 
Enablement                        | Self-registration       | Controlled registration                | Secure registration, strong identification 
Monitoring and enforcement        | Simple record           | Read only, signed                      | Signed, encrypted, restricted access 
Identification and authentication | Single mechanism        | Controlled authentication              | Secured authentication process 
Authorization                     | (illegible)             | Limited and controlled list            | Restricted and secured 
Access                            | Simple access mechanism | Two systems                            | Strong authentication and locking 
Enforcement                       | (illegible)             | Notify operator                        | High priority process to administrator 








Figure 7-9. Access control subsystem policy values WL191.0 


Notes: 


This example addresses a different domain, to determine the importance of the associated 
risk. 
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Other subsystems policy values 


Policy value estimate for information flow control, identity / credential and 
solution integrity: 
The two previous models are examples. Determine the appropriate level of importance and 
position each policy action in the column where it is best suited, using the enterprise 
process as reference to determine whether the corresponding action is critical or not. 





Audit policy element | Low impact | Critical           | Blocking the business 
---------------------|------------|--------------------|---------------------- 
Policy 1             |            | Medium cost action | High level action 
Policy y             |            | Medium cost action | High level action 
Policy i             |            | Medium cost action | High level action 








Figure 7-10. Other subsystems policy values WL191.0 


Notes: 


This slide generalizes the value estimate. Note that the classification into three columns is not 
the only possibility. We can decide on five values, or even ten. 
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User variants 


User mobility and Server oriented organizations need to consider 
the user and its variances: 





Figure 7-11. User variants WL191.0 


Notes: 


The personnel represents a domain for the enterprise. Its conditions of work generate 
various levels of risks. 
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Device variants 


The computing power now available on portable computers, 
together with the variety of Operating systems, requires considering 
the variances of the devices: 





Figure 7-12. Device variants WL191.0 


Notes: 


Just as employees create specific security situations, devices and their operating
systems also create variants that raise security issues.
Output documents


Actions taken from a risk management exercise will be a compromise
between the "ideally protected enterprise" and the absence of
protection.


A Risk management document will contain all relevant information about the
risk evaluations:

• Identified risks,
• Corresponding policies,
• Estimated values.


A Business justification document will expose the elements of the decision and
allow a discussion to take place to challenge the estimations:

• Identified domains,
• Comparisons with other domains,
• Estimated values.


The schedule depends on the customer. This document is not covered
by the present instruction.





Figure 7-13. Output documents WL191.0 


Notes: 


Actions taken from a risk management exercise will be a compromise between the "ideally
protected enterprise" and the absence of protection.


Risk management is also a permanent loop, periodically repeating the same actions to
take new elements into account.


Documents are necessary to make the risk management exercise reproducible.
Risk Management document (1/6)


First of all, indicate the location and the environmental conditions. 





• Name of the enterprise
• Site location and sites covered
• Date and triggering event (why this Risk Management is decided)
• Scope of the Risk Management
• Context of the Risk Management (part of a global R.M. for instance)
• Identified domains covered by this Risk Management (list)
• Identified interactions (list)
• Interface person(s) in the enterprise for this Risk Management
• Other involved persons in the enterprise (process, other domains, etc.)
• Reference of the enterprise process, affected parts.





Figure 7-14. Risk Management document (1/6) WL191.0 


Notes: 


First of all, indicate the location and the environmental conditions. 
Risk Management document (2/6)


Identify the domains covered by this Risk Management. 


• Infrastructure
• Datacenter
• Production unit(s)
• Subcontractors
• Mobile users
• Intranet
• Providers
• Other site(s)





Figure 7-15. Risk Management document (2/6) WL191.0 


Notes: 


Then, identify the domains covered by this Risk Management.
Risk Management document (3/6)


Document the requirements per category of security theme 


• Criteria for security audit
• Criteria for access control
• Criteria for information flow control
• Criteria for identity / credentials
• Criteria for solution integrity


Specific criteria defined according to the enterprise business 





Figure 7-16. Risk Management document (3/6) WL191.0 


Notes: 


Now, document the requirements per category of security theme. 
Risk Management document (4/6)


Document the policies per category of security theme 


• Policies for security audit
• Policies for access control
• Policies for information flow control
• Policies for identity / credentials
• Policies for solution integrity





Policies related to specific criteria defined according to the enterprise 
business 





Figure 7-17. Risk Management document (4/6) WL191.0 


Notes: 


After documenting the requirements, we document the policies. 
Risk Management document (5/6)


Document the estimated values assigned to the policies 


• Values assigned to policies for security audit
• Values assigned to policies for access control
• Values assigned to policies for information flow control
• Values assigned to policies for identity / credentials
• Values assigned to policies for solution integrity


Values assigned to policies related to specific criteria defined 
according to the enterprise business 





Figure 7-18. Risk Management document (5/6) WL191.0 


Notes: 


Once the policies are documented, how about their importance? 
Risk Management document (6/6)


Summarize the elements. Produce output documents and 
recommendations. 


• Build the resulting cost figures,
• Establish an operational implementation timing,
• Summarize the business justification, detailed in a specific document,
• Make a recommendation, containing scalable implementations.





Figure 7-19. Risk Management document (6/6) WL191.0 


Notes: 


This is the conclusion. What is the result? What are the recommendations? What is the 
cost? 





7-20 Wireless end to end security © Copyright IBM Corp. 2003 


Course materials may not be reproduced in whole or in part 
without the prior written permission of IBM. 


Student Notebook 





Business justification document (1/5) 


Indicate the location and the environmental conditions. 


• Refer to the Risk management document
• Indicate the name of the enterprise
• Add the main identification data
• List the covered domains and the relations with the others


This document should generally look like a presentation, used 
as a basis of discussion to challenge and reposition the 
values estimated for the policies. 





Figure 7-20. Business justification document (1/5) WL191.0 


Notes: 


As in the Risk management document, the first part of the Business justification document must
identify the enterprise and the environment.
Business justification document (2/5)


Indicate the « State of the Art ». 


• Update of the threats to which an information system is exposed
• Latest identified attacks per type
• Known vulnerabilities of information systems
• Most targeted domains
• Known resolutions
• Known unresolved attack cases


Obviously, this status is intended to prepare the audience for the
need to spend money, as opposed to the exposure to losing
some.





Figure 7-21. Business justification document (2/5) WL191.0 


Notes: 


To have a chance of getting some investment, start by showing people what their enemy is.
Business justification document (3/5)


Present the requirements per category of security theme


Do not go into details. Make reference to the main document.
Indicate all the categories, including those specific to the enterprise.
Document the main requirements, summarize the others.


List the challenging items, those most subject to discussion.


Although this presentation is summarized and refers to the Risk
Management document for details, this list of requirements
per category must give a thorough view of the problem
within the enterprise.





Figure 7-22. Business justification document (3/5) WL191.0 


Notes: 


Present the requirements per category of security theme 
Business justification document (4/5)


Present the values estimated per policy and their cost


For each category, indicate the rationale of the estimates, the related
threats and the particular exposure in the context of the enterprise.
Document the previous choices and their application in the present
period.


Indicate the resulting risk value, and the resulting cost.


This part of the presentation allows cost decisions to be taken within
each category, once the global cost decision is taken.





Figure 7-23. Business justification document (4/5) WL191.0 


Notes: 


Present the Values estimated per policy and their cost 
Business justification document (5/5)


Present the results: Cost figures, implementation timing, 
recommendations. 


• Cost per category
• Resulting cost
• Implementation timing per category
• Resulting implementation timing, good input for a schedule
• Recommendations: scalable implementation, including provisions for
  new exposures.


Because the budget will never cover the whole recommended deployment,
a scalable implementation allows security to be improved over
time, as the threats progress and change.





Figure 7-24. Business justification document (5/5) WL191.0 


Notes: 


This is the last page, the decision maker. 
Summary


Risk Management integration cost
Company security domains
Common criteria requirements
Value estimate
Audit subsystem policy values
Access control subsystem policy values
Other subsystems policy values
User variants
Device variants
Output documents
Risk Management document
Business justification document


Figure 7-25. Summary WL191.0


Notes:


What this unit has covered.
Unit 8. The enterprise network and information systems surveillance


What This Unit Is About 


This unit describes the characteristics of the tasks to be created and
periodically run, to guarantee that the integrity of an enterprise information
system has not been altered.


What You Should Be Able to Do 


After completing this unit, you should be able to: 


• Add and run security monitoring of the enterprise information
  system
• Perform seamless integration with already existing performance
  monitoring
• Perform seamless integration with asset management.
Welcome to:


WL19
Wireless End to End Security


Unit 8: The enterprise network and
information systems surveillance


Figure 8-1. WL19 WL191.0


Notes: 


This unit explains how to maintain a Risk management process, and how to carry out the
surveillance of the implemented policies.
Objectives


After completing this unit, you should be able to: 


• Add and run security monitoring of the enterprise
  information system
• Perform seamless integration with already existing
  performance monitoring
• Perform seamless integration with asset
  management.





Figure 8-2. Objectives WL191.0 


Notes: 
Contents


Risk Management follow-on 

Wireless Security Auditor (WSA) 
Red-M’s Red-Secure software 
Symantec vulnerability assessment 1.0 
Ethical hacking 

User behavior 

Bibliography 





Figure 8-3. Contents WL191.0 


Notes: 


This slide is a list corresponding to the next slides that cover the objectives of this unit. 
Risk Management Follow-on


[Figure: the risk management loop: Risk Analysis, Security Policies, Implementation,
Administration, Auditing]


A deployment of security measures is never definitive ...

• Changes in threats and exposures.
• Changes in the enterprise.
• Changes at employee level.


Methods are built with the objective of allowing the risk management of an
enterprise to be evaluated.


Figure 8-4. Risk Management follow-on WL191.0


Notes:


After the implementation, administration and auditing are the next steps in the risk
management loop.
Wireless Security Auditor (WSA)


Access points

[Screenshot of the WSA access point list, showing one entry:]
Address: 00:40:96:27:ec:74
BSSID: 00:40:96:27:ec:74
SSID: "IBM"
Name: "hawlws3se55-1"
Data: WEP
Auth: (none seen yet)


Figure 8-5. Wireless Security Auditor (WSA) WL191.0


Notes: 


WSA is an audit tool developed by IBM to audit a wireless network. 
Wireless Security Auditor (WSA)


WSA is an IBM research prototype of an 802.11 wireless LAN 
security auditor, running on Linux on an iPAQ PDA. 


• WSA automatically audits a wireless network for proper security
  configuration.
• WSA makes it easy to quickly verify the security configuration of
  wireless networks.
• WSA detects rogue access points, which are normally
  difficult to detect with usual network monitoring tools.
• WSA allows administrators to verify that all access points are at the
  desired firmware revision.
• WSA locates access points and examines their configuration and
  setup.





Figure 8-6. Wireless Security Auditor (WSA) WL191.0 


Notes: 


WSA detects 802.11 access points, examines their configuration and setup, and records their
position using GPS.
Wireless Security Auditor (WSA)
802.11 management issues.


• What access points are actually installed?
• Where are they?
• Are they part of the enterprise network?
• Are they permanently installed?
• Are they properly configured?
• Do they have the latest firmware?
• Are they vulnerable to WEP attacks?
• Do they use encryption?


WSA helps answer those questions.





Figure 8-7. Wireless Security Auditor (WSA) WL191.0 


Notes: 


The wireless management issues. 
Wireless Security Auditor (WSA)


What does WSA do?


• Tracks beacon packets to find all access points.
• Locates access points with their GPS coordinates.
• Determines SSID and AP name.
• Tracks probe packets, and the probe responses.
• Tracks data packets.
• Determines the link encryption method.
• Tracks authentication packets.
• Determines the authentication method.
• Tracks clients.
• Determines firmware versions by fingerprinting the access point's
  detailed behavior.








Figure 8-8. Wireless Security Auditor (WSA) WL191.0 
Notes: 

What does WSA do? 
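The three WSA slides above describe the same inventory task: track beacons, read the BSSID, SSID and link-encryption method out of them, and compare what is on the air with what the enterprise believes it has installed. The following is an added example of that detection logic, written for this course page and not code from WSA or from IBM. It parses minimal 802.11 beacon frames (24-byte MAC header, fixed fields, then tagged elements: SSID is element 0, the 802.11i RSN element is 48) and classifies each access point against an inventory keyed by BSSID. The functions `build_beacon`, `parse_beacon` and `audit_access_points`, the inventory `AUTHORIZED` and the sample frames are all constructed here; the first BSSID and its SSID/WEP status are the values visible in Figure 8-5, the rest is made up. It does not decode the vendor WPA element (221) and does not fingerprint firmware, so "RSN" below means only that an RSN element is advertised.

```python
"""Audit 802.11 beacons against an access point inventory.

Added example, not WSA's own code; the beacon frames are constructed below,
not captured traffic.
"""
import struct

TAG_SSID = 0
TAG_RSN = 48            # 802.11i RSN information element
CAP_PRIVACY = 0x0010    # capability-information Privacy bit (WEP or RSN in use)


def build_beacon(bssid: bytes, ssid: bytes, privacy: bool, rsn: bool) -> bytes:
    """Assemble a minimal beacon frame (constructed test input, not a real capture)."""
    frame_control = b"\x80\x00"          # management frame, subtype 8 = beacon
    duration = b"\x00\x00"
    addr1 = b"\xff" * 6                   # beacons are sent to the broadcast address
    seq_ctrl = b"\x00\x00"
    header = frame_control + duration + addr1 + bssid + bssid + seq_ctrl   # addr2 = addr3 = BSSID
    capability = 0x0001 | (CAP_PRIVACY if privacy else 0)                  # ESS, plus Privacy
    body = struct.pack("<QHH", 0, 100, capability)       # timestamp, beacon interval, capability
    body += bytes([TAG_SSID, len(ssid)]) + ssid
    if rsn:
        # Minimal RSN element: version 1, group cipher CCMP, one pairwise CCMP, one AKM PSK
        ccmp, psk = b"\x00\x0f\xac\x04", b"\x00\x0f\xac\x02"
        rsn_body = (struct.pack("<H", 1) + ccmp + struct.pack("<H", 1) + ccmp
                    + struct.pack("<H", 1) + psk)
        body += bytes([TAG_RSN, len(rsn_body)]) + rsn_body
    return header + body


def parse_beacon(frame: bytes) -> dict:
    """Extract BSSID, SSID and the link-encryption method from one beacon frame."""
    (fc,) = struct.unpack_from("<H", frame, 0)
    if (fc >> 2) & 0x3 != 0 or (fc >> 4) & 0xF != 8:
        raise ValueError("not a beacon frame")
    bssid = ":".join(f"{b:02x}" for b in frame[16:22])      # addr3 carries the BSSID
    (capability,) = struct.unpack_from("<H", frame, 34)       # 24-byte header + 8 + 2
    elements = {}
    offset = 36                                               # first tagged element
    while offset + 2 <= len(frame):
        tag, length = frame[offset], frame[offset + 1]
        elements[tag] = frame[offset + 2: offset + 2 + length]
        offset += 2 + length
    ssid = elements.get(TAG_SSID, b"").decode("utf-8", "replace")
    if not capability & CAP_PRIVACY:
        encryption = "none"
    elif TAG_RSN in elements:
        encryption = "RSN"    # 802.11i; the vendor WPA element (221) is not decoded here
    else:
        encryption = "WEP"    # Privacy bit set without an RSN element: legacy WEP
    return {"bssid": bssid, "ssid": ssid, "encryption": encryption}


def audit_access_points(frames, authorized: dict) -> list:
    """Classify each beacon against the inventory (BSSID -> expected SSID).

    Returns (bssid, ssid, finding) tuples; "ok" means known, correct SSID and RSN.
    """
    findings = []
    for frame in frames:
        ap = parse_beacon(frame)
        if ap["bssid"] not in authorized:
            finding = "rogue: BSSID not in inventory"
        elif ap["ssid"] != authorized[ap["bssid"]]:
            finding = "misconfigured: unexpected SSID"
        elif ap["encryption"] != "RSN":
            finding = f"weak: link encryption is {ap['encryption']}"
        else:
            finding = "ok"
        findings.append((ap["bssid"], ap["ssid"], finding))
    return findings


# Constructed inventory: the first entry is the access point shown in Figure 8-5,
# the second is made up.
AUTHORIZED = {"00:40:96:27:ec:74": "IBM", "00:40:96:27:ec:75": "IBM"}

# Constructed beacons: the Figure 8-5 AP running WEP, a correctly configured
# sibling, and an unknown BSSID advertising the enterprise SSID with no
# encryption (keying the inventory by BSSID, not SSID, is what catches it).
SAMPLE_FRAMES = [
    build_beacon(bytes.fromhex("00409627ec74"), b"IBM", privacy=True, rsn=False),
    build_beacon(bytes.fromhex("00409627ec75"), b"IBM", privacy=True, rsn=True),
    build_beacon(bytes.fromhex("02aabbccddee"), b"IBM", privacy=False, rsn=False),
]

if __name__ == "__main__":
    for bssid, ssid, finding in audit_access_points(SAMPLE_FRAMES, AUTHORIZED):
        print(f"{bssid}  {ssid:8}  {finding}")
```

In a real deployment the frames would come from a monitor-mode capture and the inventory from the asset management system the unit objectives mention; the classification step stays the same, and a WEP or "none" finding on an inventoried access point is the "properly configured?" question from the slide answered in the negative.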
Red-M's Red-Secure software


What does it do?


• Detecting security breaches or potential breaches
• Applying appropriate corrective action to mitigate what's been detected
• Protecting the network by ensuring policies are actually enforced
• Integrating a CA (where required) into the definition of user- or device-
  based policies
• Use of a single CA to generate certificates for use both in 802.11i and
  other environments, such as for VPN connections
• Linking of network management activities with security related activities,
  by correlating device management of access points (discovery,
  upgrades, status, load, and other QoS related metrics) with the
  enforcement of security policies.


CA = Certification Authority. Source: Red-M
Figure 8-9. Red-M's Red-Secure software WL191.0
Notes: 


Red-M is a company that offers access points and software tools.
Symantec Vulnerability Assessment 1.0


Symantec Vulnerability Assessment lets you: 


* Understand the state of vulnerability within your network. 


* Eliminate the guesswork in evaluating the risks from new 
vulnerabilities. 


° Learn about new vendor recommended fixes and work-arounds 
from a single source. 


* Avoid unplanned downtime and lost productivity. 


* Minimize the costs that are associated with security incidents. 


Source: Symantec. 





Figure 8-10. Symantec vulnerability assessment 1.0 WL191.0 


Notes: 


After IBM and Red-M, Symantec also offers a security assessment tool. 
Symantec Vulnerability Assessment 1.0
Host-based audits: 


Conducted on individual computers. This capability is provided 
by the SVA Provider components supplied as part of SVA. The 
advantages of host-based assessment are: 


* Greatly reduced numbers of false positive and false negative 
reports when compared with network-based products. 


* Superior scalability over network-based products. 


* Increased security over agent-less assessments that require 
administrative privileges. 


Source: Symantec. 





Figure 8-11. Symantec vulnerability assessment 1.0 WL191.0 


Notes: 


The Symantec vulnerability assessment program performs audits at host level. 
Symantec Vulnerability Assessment 1.0


Network-based audits: 


Conducted from central locations on the network. The advantages
of network-based assessment are:


• Immediate vulnerability information without having to deploy
  SESA (Symantec Enterprise Security Architecture) Agents.
• Immediate vulnerability information about network resources
  that cannot install SESA Agents; for example, network routers or
  firewalls.
• Discovery of unknown computers and other resources on the
  network.
• Ability to audit the vulnerability of computers to attacks from
  inside or outside the network.


Source: Symantec. 





Figure 8-12. Symantec vulnerability assessment 1.0 WL191.0 


Notes: 


The Symantec vulnerability assessment program performs audits at network level. 
Symantec Vulnerability Assessment 1.0


Additional features: 


* Centralized reporting and management of vulnerabilities. 


* Comprehensive "health check" of the network is available 
from a central location with a consistent, automated, 
repeatable, and on-demand system. 


* Identifies vulnerabilities in mission critical systems and 
applications, not just the operating system. 


* Scalable, three-tier architecture providing coverage for the 
entire enterprise that can extend across the Internet. 


* Authorized users can make security corrections on remote 
systems from a central location. 


Source: Symantec. 





Figure 8-13. Symantec vulnerability assessment 1.0 WL191.0 


Notes: 


Finally, the Symantec vulnerability assessment 1.0 program offers a few goodies. 
Ethical Hacking





Hacker: An individual who illegally gains access to an electronic system, using clever tricks.


Ethical hacker: An employee in charge of detecting the vulnerabilities of an information system.


[Figure: public domain | firewall | private domain]


Figure 8-14. Ethical hacking WL191.0


Notes: 


In Unit 1, we learned that a hacker is an individual who illegally gains access to an
electronic system, using clever tricks.
User Behavior


The user is an important contributor to eliminate the vulnerabilities 
of an information system: 


• Be reasonably aware of the presence of threats at your level.
• Do not propagate real or false information about viruses or
  worms; instead, inform your security administrator.
• Do not spread doubtful documents, programs, chain letters, etc.
• Protect your system with strong passwords: disk, operating
  system, network access, etc.





Figure 8-15. User behavior WL191.0 


Notes: 


The user is not an unreachable person, allowed to do anything on his system. His 
cooperation is important regarding the protection of the enterprise. 
Figure 8-18. Summary WL191.0


Notes: 


What this unit has covered. 